Malware.AI.2048754507 removal tips

Malware.AI.2048754507 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2048754507 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to delete volume shadow copies
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.2048754507?


File Info:

crc32: EB38DA77
md5: c59efec3f48bdf40cbafd6243df35087
name: C59EFEC3F48BDF40CBAFD6243DF35087.mlw
sha1: a90e263a42aea78d5724f9745145b291586999c8
sha256: 8eb02e3deae565e40d1ef275823f84007d764c7e174ffd11814ddf1ed00fc6c1
sha512: ffa673c1b6c009b20d7a2e16f26ce98c08f50dcf05f75e0add695a1ad68b6746b03fab342b9fe7f7fef4bbe82dd3f01c28d171f887e34b35471eb05daf462374
ssdeep: 6144:VJSIFZ+RkSLmzDOETmtJYb8ULjFFs8OhXVDd:VJX+RkSLm/OH0Fs1hF
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (c) 2015, Josh Mayfield/Ultimate Outsider. All rights reserved.
InternalName: GWX_control_panel.exe
FileVersion: 1.3.0.0
CompanyName: UltimateOutsider
ProductName: Control Panel
ProductVersion: 1.3.0.0
FileDescription: GWX Control Panel - Closes and configures the 'Get Windows 10' system tray application.
OriginalFilename: GWX_control_panel.exe
Translation: 0x0409 0x04b0

Malware.AI.2048754507 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 0050a29e1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.3953
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Strictor.125819
Cylance: Unsafe
Zillya: Trojan.Crusis.Win32.669
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Crusis.c7db7c5e
K7GW: Trojan ( 0050a29e1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.FQUW
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.Crusis.bpu
BitDefender: Gen:Variant.Strictor.125819
NANO-Antivirus: Trojan.Win32.Crusis.evshub
MicroWorld-eScan: Gen:Variant.Strictor.125819
Tencent: Win32.Trojan.Strictor.Syru
Ad-Aware: Gen:Variant.Strictor.125819
Sophos: Mal/Generic-S + Mal/Kryptik-DC
Comodo: Malware@#12vyco6jumer0
BitDefenderTheta: Gen:NN.ZexaF.34608.ru0@amMeg1gi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPLOCKY.SME
McAfee-GW-Edition: BehavesLike.Win32.BadFile.dc
FireEye: Generic.mg.c59efec3f48bdf40
Emsisoft: Gen:Variant.Strictor.125819 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1128643
eGambit: Unsafe.AI_Score_100%
Microsoft: VirTool:Win32/Injector
Arcabit: Trojan.Strictor.D1EB7B
AegisLab: Trojan.Win32.Generic.4!c
GData: Gen:Variant.Strictor.125819
Acronis: suspicious
McAfee: Artemis!C59EFEC3F48B
MAX: malware (ai score=100)
VBA32: Trojan-Ransom.Crusis
Malwarebytes: Malware.AI.2048754507
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_HPLOCKY.SME
Rising: Ransom.Crusis!8.5724 (CLOUD)
Yandex: Trojan.Kryptik!n8uAB+hvEBU
Ikarus: Trojan-Ransom.GandCrab
Fortinet: W32/Crusis.BPU!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.CrySiS.HgIASOMA

How to remove Malware.AI.2048754507?

Malware.AI.2048754507 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.