Should I remove “Malware.AI.2122450745”?

Malware.AI.2122450745 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2122450745 virus do?

  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2122450745?

File Info:

name: 65626394B74A9AD3380E.mlw
path: /opt/CAPEv2/storage/binaries/09d2598f44cebf313c81dd4a3c9e6a43e2917505e669916651231bb92b14308c
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Malware.AI.2122450745 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Jaik.4!c
MicroWorld-eScan: Gen:Variant.Fragtor.380194
FireEye: Gen:Variant.Fragtor.380194
Skyhigh: RDN/Generic PWS.y
ALYac: Gen:Variant.Fragtor.380194
Malwarebytes: Malware.AI.2122450745
VIPRE: Gen:Variant.Fragtor.380194
Sangfor: Infostealer.Win32.QQPass.Vb88
K7AntiVirus: Password-Stealer ( 004a0d5d1 )
BitDefender: Gen:Variant.Fragtor.380194
K7GW: Password-Stealer ( 004a0d5d1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/PSW.QQPass.OJP
APEX: Malicious
Alibaba: TrojanPSW:Win32/QQPass.78203014
Rising: Stealer.QQPass!8.F7 (CLOUD)
Emsisoft: Gen:Variant.Fragtor.380194 (B)
F-Secure: Trojan.TR/PSW.QQpass.mshgh
Zillya: Trojan.QQPass.Win32.64732
TrendMicro: TROJ_GEN.R002C0PJ923
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
MAX: malware (ai score=80)
Google: Detected
Avira: TR/PSW.QQpass.mshgh
Antiy-AVL: Trojan[PSW]/Win32.QQPass
Microsoft: Trojan:Win32/ScarletFlash.A
Arcabit: Trojan.Fragtor.D5CD22
GData: Gen:Variant.Fragtor.380194
McAfee: RDN/Generic PWS.y
DeepInstinct: MALICIOUS
Cylance: unsafe
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0PJ923
Tencent: Win32.Trojan.Psw.Tzfl
Yandex: Trojan.PWS.QQPass!tBMeceOT/BM
Ikarus: Trojan-PSW.QQpass
MaxSecure: Trojan.Malware.216104566.susgen
Fortinet: W32/SpyBanker.DAON!tr
BitDefenderTheta: Gen:NN.ZelphiF.36792.wmGfayhLwqfj
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.2122450745?

Malware.AI.2122450745 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
