Malware

What is “Malware.AI.2078518021”?

Malware Removal

Malware.AI.2078518021 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2078518021 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS urls from behavior.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Malware.AI.2078518021?

File Info:

name: D2F0CD3DD0157BD18A35.mlw
path: /opt/CAPEv2/storage/binaries/409a6f8fe3a7af580a70107e7a3bcc99af8bb43f27eed875a76d7029a867049d
crc32: ACB569C0
md5: d2f0cd3dd0157bd18a353d1568df6630
sha1: 0401236585d0aa9268fec043106c6ddcc4004a20
sha256: 409a6f8fe3a7af580a70107e7a3bcc99af8bb43f27eed875a76d7029a867049d
sha512: e48a85168411a6c51c73a5c0a550c6bc75ad7c26c9247e131f8d3e8125f93df1851b9b7086f01751b564c9691ad42f95e00ca1d950526d1f69a97b0bfdc70ec9
ssdeep: 6144:g+NuthUbF+/mzAwi64XxfYZo0VjsW3NR:5F+xjXxfYZodW3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D5544A1177D0C032C26231728A52E2BAA6AEBC305D3557477BD07B3EDFB42D1DA2875A
sha3_384: 04c33bda37229e7c8c69d62b64935c42af1d296d7540b6b9531dc1d2c5c6deafdb5ee21999e2ea1849ccd35524091c92
ep_bytes: e8856d0000e978feffff6a0c6868f443
timestamp: 2018-04-05 14:08:09

Version Info:

CompanyName:
FileDescription: BOCCard Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: BOCCard
LegalCopyright: 版权所有 (C) 2018
LegalTrademarks:
OriginalFilename: BOCCard.EXE
ProductName: BOCCard 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Malware.AI.2078518021 also known as:

Lionic: Trojan.Win32.Generic.lJN8
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
CAT-QuickHeal: Trojan.MauvaiseRI.S5254478
ALYac: Gen:Variant.Doina.7813
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 0052d8e91 )
BitDefender: Gen:Variant.Doina.7813
K7GW: Trojan-Downloader ( 0052d8e91 )
Cybereason: malicious.dd0157
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.DXT
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: TrojanDownloader:Win32/Generic.559109b5
NANO-Antivirus: Trojan.Win32.Zusy.gfzgrb
MicroWorld-eScan: Gen:Variant.Doina.7813
Tencent: Malware.Win32.Gencirc.10b63c74
Ad-Aware: Gen:Variant.Doina.7813
Sophos: Mal/Generic-S
Zillya: Downloader.Agent.Win32.350236
McAfee-GW-Edition: GenericRXEP-LR!D2F0CD3DD015
FireEye: Generic.mg.d2f0cd3dd0157bd1
Emsisoft: Gen:Variant.Doina.7813 (B)
Ikarus: Trojan-Downloader.Win32.Agent
GData: Gen:Variant.Doina.7813
Jiangmin: Backdoor.Farfli.fbd
Avira: HEUR/AGEN.1115354
Antiy-AVL: Trojan/Generic.ASMalwS.25AA10C
Arcabit: Trojan.Doina.D1E85
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Microsoft: Trojan:Win32/Occamy.C
AhnLab-V3: Malware/Win32.Generic.C2453086
McAfee: GenericRXEP-LR!D2F0CD3DD015
MAX: malware (ai score=88)
VBA32: Trojan.Dynamer
Malwarebytes: Malware.AI.2078518021
Rising: Downloader.Agent!8.B23 (CLOUD)
Yandex: Trojan.GenAsa!UB8OHN3FACo
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.12299515.susgen
Fortinet: W32/Agent.DXT!tr
BitDefenderTheta: Gen:NN.ZexaF.34114.rq1@aK056thb
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Malware.AI.2078518021?

Malware.AI.2078518021 removal tool:

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.