Malware.AI.2120262691 (file analysis)

Malware.AI.2120262691 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2120262691 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2120262691?


File Info:

name: 3CDCF6A97E86936D48A9.mlw
path: /opt/CAPEv2/storage/binaries/e7a7b07619dce03800d9d7f1c3be8202d785e1ef115397f273100d7b4feb7ef2
crc32: 0758C92A
md5: 3cdcf6a97e86936d48a9a7912d4ec724
sha1: ddc6d515289edcdd0247464cec5a7958e43e1369
sha256: e7a7b07619dce03800d9d7f1c3be8202d785e1ef115397f273100d7b4feb7ef2
sha512: 4cfa57cf06d6e66e68d33cc8ae0abb51ebfedfb7400e86b134b099d66015fe9e44c1c0a827f6e08cba68a86ff440625e401f2da92bb9717df0692d057b911503
ssdeep: 12288:O2pKRdIoBtDM6tz6G+g1wX9N3sviD4mAh7S7w7e7:O2pKRdntD1RHQcH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T122D404115B888C01C9559AF3C8264A7B1376FD346B229AB94F957CEBBF7219ED803073
sha3_384: c347391139816108f5a29b122147a27378dba54cab33b9dd57539025a74c31228a3d257d95ada30ef259f733c777be4d
ep_bytes: 60e80000000058055a0b00008b3003f0
timestamp: 2023-02-06 15:15:19

Version Info:

Comments:
CompanyName: YT Applications
FileDescription: YT Player
FileVersion: 7, 21, 1, 0
InternalName: YT Player
LegalCopyright: (C) YT Applications. All rights reserved.
LegalTrademarks:
OriginalFilename: YTPlayer.EXE
PrivateBuild:
ProductName: YT Downloader
ProductVersion: 7, 21, 1, 0
SpecialBuild:
Translation: 0x0409 0x04b0

Malware.AI.2120262691 also known as:

Bkav: W32.Common.D7796065
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
McAfee: GenericRXAA-AA!3CDCF6A97E86
Malwarebytes: Malware.AI.2120262691
Sangfor: Trojan.Win32.Agent.Vyoz
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
ClamAV: Win.Malware.Generic-9951959-0
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.3cdcf6a97e86936d
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.Genkd
Google: Detected
Antiy-AVL: Trojan/Win32.PossibleThreat
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZexaF.36722.LmuaaKSPKYdi
Cylance: unsafe
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.2120262691?

Malware.AI.2120262691 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
