About “Malware.AI.2142642860” infection

The Malware.AI.2142642860 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2142642860 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.2142642860?


File Info:
name: BAE4B7EEC41B17146002.mlw
path: /opt/CAPEv2/storage/binaries/29554e01e0a342ee8e03f6402d337338578de5b3896edc612eab6298ed4366b2
crc32: 991CA6DB
md5: bae4b7eec41b17146002fbc8b6a9011c
sha1: 2879f607d7cf9503791775ad482a5c6a3b340fb2
sha256: 29554e01e0a342ee8e03f6402d337338578de5b3896edc612eab6298ed4366b2
sha512: ed78610e1542bd749a80bbceb8ea9efcaaf487c4d115d977c1258c9f77dac7eaf3984146dbd33c077428603a09635183cd260681d9e7628f64e442d8192df3ab
ssdeep: 24576:4USqQxSS74gQirOaB1p8GKtKoPYA4F7IGiYq6IT9Q+Ol:xStP74gQiKaB18tz+7v9qTTaB
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1BE158D5AA7A800F9D577C138C9929607E7B2B45A136097DF03E08A763F236F15E3B760
sha3_384: 9503d410b20a2835a1032ad1cc4e65b3955cf27f9a4f4897857a25cd5be71a9fef083d6fd33f0ab914f8bca86788c0be
ep_bytes: 4883ec28e8730500004883c428e97afe
timestamp: 2021-11-29 11:26:29

Version Info:
0: [No Data]

Malware.AI.2142642860 also known as:

Cynet	Malicious (score: 99)
FireEye	Gen:Variant.Cerbu.121914
ALYac	Gen:Variant.Cerbu.121914
Zillya	Trojan.Disco.Win32.4278
K7AntiVirus	Riskware ( 00584baa1 )
Alibaba	TrojanPSW:Win32/Disco.8739611b
K7GW	Riskware ( 00584baa1 )
Cybereason	malicious.7d7cf9
Cyren	W64/Agent.DUX.gen!Eldorado
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of Win64/PSW.Agent.BI
APEX	Malicious
Kaspersky	Trojan-PSW.Win32.Disco.huc
BitDefender	Gen:Variant.Cerbu.121914
MicroWorld-eScan	Gen:Variant.Cerbu.121914
Avast	Win64:PWSX-gen [Trj]
Ad-Aware	Gen:Variant.Cerbu.121914
Emsisoft	Gen:Variant.Cerbu.121914 (B)
TrendMicro	TROJ_GEN.R002C0PL221
McAfee-GW-Edition	RDN/Generic PWS.y
Ikarus	Trojan-PSW.Agent
GData	Gen:Variant.Cerbu.121914
Jiangmin	Trojan.PSW.Disco.cke
Avira	TR/PSW.Agent.mruib
Antiy-AVL	Trojan/Generic.ASMalwS.34DAA68
Arcabit	Trojan.Cerbu.D1DC3A
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3	Trojan/Win.Generic.C4788825
McAfee	RDN/Generic PWS.y
MAX	malware (ai score=82)
Malwarebytes	Malware.AI.2142642860
TrendMicro-HouseCall	TROJ_GEN.R002C0PL221
Yandex	Trojan.PWS.Disco!w7IEQE19bb4
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win64:PWSX-gen [Trj]

How to remove Malware.AI.2142642860?

Malware.AI.2142642860 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X