
Malware.AI.2161958603 malicious file

Malware.AI.2161958603 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2161958603 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • CAPE detected the njRat malware family
  • Anomalous binary characteristics

How to identify Malware.AI.2161958603?

File Info:

name: CFC60126CB4371839C13.mlw
path: /opt/CAPEv2/storage/binaries/e421adddb16efd858fcce38edab30f80ab3da58f38e8058ce5920bcae20ca506
crc32: 8905279F
md5: cfc60126cb4371839c13d1871e4601af
sha1: 22e633359ced8420a78a0b85ef71c2c624e3c880
sha256: e421adddb16efd858fcce38edab30f80ab3da58f38e8058ce5920bcae20ca506
sha512: 2e6a8f016db77c3dd2787b741624229baefbef5712d84602fdbdd344fdef9756f31639586358e8cce56a7ddb5bc99018552cfc13ab9268fd9ae2ab29bddc660d
ssdeep: 768:Hu2qNppLsz7sMSGhstzA81ZsWQU9L/QNWlDva2IGLRr5Z3U2Uvkl:O2q3pLscBG2FJQNV3G1rw2fl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11B23BF43B693D431C91ACBBD1C0EE4AD5B3B7D312E96407996F83DDA98392901C0C6AE
sha3_384: 5bb6918c90c0f8b5f691d7152237e306a36f4149fa55ecaf5da611b782e050bb25a9c8276a28178e3005bccb4ebe1814
ep_bytes: 558becb9090000006a006a004975f953
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Malware.AI.2161958603 also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.cfc60126cb437183
McAfee: Generic Dropper.ahq
Cylance: Unsafe
K7AntiVirus: Trojan ( 000fabcb1 )
K7GW: Trojan ( 000fabcb1 )
Cybereason: malicious.6cb437
Cyren: W32/Risk.CEPT-1545
Symantec: Backdoor.Ratenjay
ESET-NOD32: a variant of Win32/TrojanDropper.Delf.NFH
APEX: Malicious
ClamAV: Win.Dropper.Agent-40734
Kaspersky: Packed.Win32.Krap.es
BitDefender: Trojan.Dropper.Delf.AZF
NANO-Antivirus: Trojan.Win32.Delf.fzix
MicroWorld-eScan: Trojan.Dropper.Delf.AZF
Avast: Win32:Delf-GIY [Drp]
Tencent: Malware.Win32.Gencirc.10b3b551
Ad-Aware: Trojan.Dropper.Delf.AZF
Emsisoft: Trojan.Dropper.Delf.AZF (B)
Comodo: TrojWare.Win32.TrojanDropper.Delf.~JI@frxl
DrWeb: Trojan.MulDrop.13277
VIPRE: Trojan-Dropper.Win32.Delf.ga (v)
TrendMicro: TROJ_DELF.IKU
McAfee-GW-Edition: BehavesLike.Win32.Fareit.pc
Sophos: ML/PE-A + Mal/Dropper-G
SentinelOne: Static AI – Malicious PE
GData: Trojan.Dropper.Delf.AZF
Jiangmin: TrojanDropper.Delf.amw
MaxSecure: Trojan.Malware.300983.susgen
Avira: BDS/Hupigon.Gen
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASBOL.729
ViRobot: Dropper.Delf.246407
Microsoft: Backdoor:MSIL/Bladabindi.AJ
AhnLab-V3: Dropper/Win32.Xema.C25582
Acronis: suspicious
BitDefenderTheta: AI:Packer.EF4E1D5C1F
ALYac: Trojan.Dropper.Delf.AZF
VBA32: Malware-Cryptor.Inject.gen
Malwarebytes: Malware.AI.2161958603
TrendMicro-HouseCall: TROJ_DELF.IKU
Rising: Dropper.Win32.Delf.aep (CLASSIC)
Yandex: Trojan.GenAsa!qr9coPvHb3g
Ikarus: BehavesLikeWin32.ProcessHijack
Fortinet: W32/Injector.fam!tr
AVG: Win32:Delf-GIY [Drp]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2161958603?

Malware.AI.2161958603 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
