Malware.AI.2166106044 removal instruction

Malware.AI.2166106044 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2166106044 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection with SetWindowLong in a remote process
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2166106044?

File Info:

name: 5DC9F557DFF3112398C5.mlw
path: /opt/CAPEv2/storage/binaries/40abc64937483290792c3f0b4147715a5d9611524574b9a64f35c9d05846ffac
crc32: EB49EAC4
md5: 5dc9f557dff3112398c5915de516a325
sha1: fa497d79ee701bb7a7ebbb9130502103ef3aff44
sha256: 40abc64937483290792c3f0b4147715a5d9611524574b9a64f35c9d05846ffac
sha512: a6571ea6fd27e9df4b13acd884823fa657c4e316017ff22cb525972ab9d69dc958e1adbc9817c14d2e6a2f68f07dceb78082869e27576f0b51d7f565f3e8e124
ssdeep: 1536:I7JpAEWDB1FdRb0E6bDXbmnqqVBsJuUhXFSt/8+OA+F136UDo5BfxWNGuKC:IdqEyFdObjbmq3JuyVe8pA+zJo/fcKC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12B939E0156E34822E877A9B08DB626F54ABC7C772322E1EF8750DD0D5A719923D31F2D
sha3_384: cf3780f9bf4171bd2ba5e354cbef2f5bda6e52a793c2b199570ce1af9a432e3131a7dcb2bf2f3c3be08a47d2b12a6235
ep_bytes: 558bec6aff68487b4000684c65400064
timestamp: 2004-09-04 03:38:26

Version Info:

0: [No Data]

Malware.AI.2166106044 is also known as (vendor: detection name):

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Generic.m7Rt
  • MicroWorld-eScan: Gen:Variant.Ulise.420642
  • FireEye: Generic.mg.5dc9f557dff31123
  • CAT-QuickHeal: TrojanPWS.Zbot.Gen
  • Skyhigh: BehavesLike.Win32.Backdoor.nh
  • McAfee: Downloader-FEX!5DC9F557DFF3
  • Malwarebytes: Malware.AI.2166106044
  • Zillya: Trojan.Inject.Win32.65030
  • Sangfor: Suspicious.Win32.Save.ins
  • K7AntiVirus: Trojan ( 0055e3991 )
  • BitDefender: Gen:Variant.Ulise.420642
  • K7GW: Trojan ( 0055e3991 )
  • Cybereason: malicious.9ee701
  • BitDefenderTheta: Gen:NN.ZexaF.36792.fqW@aKVfC5mi
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Injector.ARGV
  • APEX: Malicious
  • Kaspersky: Trojan-Ransom.Win32.PornoAsset.crgv
  • Alibaba: Ransom:Win32/PornoAsset.06f0b4c1
  • NANO-Antivirus: Trojan.Win32.ShipUp.cqmule
  • Rising: HackTool.CeeInject!8.B22 (TFE:5:uZg1xl3mioS)
  • Sophos: Mal/Zbot-OA
  • F-Secure: Trojan.TR/Crypt.XPACK.Gen
  • DrWeb: Trojan.DownLoader9.22851
  • VIPRE: Gen:Variant.Ulise.420642
  • TrendMicro: TROJ_INJECT.SMO1
  • Trapmine: malicious.high.ml.score
  • Emsisoft: Gen:Variant.Ulise.420642 (B)
  • Ikarus: Virus.Win32.CeeInject
  • Jiangmin: Trojan/PornoAsset.sjr
  • Webroot: Trojan.Dropper.Gen
  • Google: Detected
  • Avira: TR/Crypt.XPACK.Gen
  • Antiy-AVL: Trojan[PSW]/Win32.Tepfer
  • Kingsoft: malware.kb.a.999
  • Microsoft: Trojan:Win32/Viknok.B
  • Xcitium: TrojWare.Win32.Injector.ARID@54zugd
  • Arcabit: Trojan.Ulise.D66B22
  • ZoneAlarm: Trojan-Ransom.Win32.PornoAsset.crgv
  • GData: Gen:Variant.Ulise.420642
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win32.Zbot.R89074
  • VBA32: BScope.Trojan.Dridex
  • ALYac: Gen:Variant.Ulise.420642
  • MAX: malware (ai score=100)
  • DeepInstinct: MALICIOUS
  • Cylance: unsafe
  • Panda: Trj/Dtcontx.I
  • TrendMicro-HouseCall: TROJ_INJECT.SMO1
  • Tencent: Malware.Win32.Gencirc.1153c7dd
  • Yandex: Trojan.Agent!rK5TxUusgPQ
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.9219453.susgen
  • AVG: Win32:CeeInject-X [Trj]
  • Avast: Win32:CeeInject-X [Trj]
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2166106044?

Malware.AI.2166106044 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.