What is “Malware.AI.2198818573”?

Malware.AI.2198818573 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2198818573 virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Attempts to modify proxy settings

How to identify Malware.AI.2198818573?

File Info:

name: 87DFAA54CF92A83BEB13.mlw
path: /opt/CAPEv2/storage/binaries/6d6b7aef2345b8e499c1e2ff030ea5b0db897b82d4badf027e6dae7c58509798
crc32: 744ABFCD
md5: 87dfaa54cf92a83beb136eee1db4924d
sha1: c3575b47aec43423495d77f896f66f130d6f5ecd
sha256: 6d6b7aef2345b8e499c1e2ff030ea5b0db897b82d4badf027e6dae7c58509798
sha512: f4bca15bb6b7f4663ff26c125999d881ab6f2c0b87a354aa427380c7a1d2ad42edd21d23512876e430c6b141f5dc18e0d49f5796e47e7132c868bc2a12399699
ssdeep: 96:F2aTAs98FDuHnnwR2UKfeHbCpUMZwSNOudfWFFBDzP+dJoaHpi58H7SYld:YEdnwR23mHep/uPsHE4Sm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BCC2143DAED51572E3BBCAB5C9F155CBBA61706335128C4E80DB03850C23F97ADA1A0E
sha3_384: 49f90013e574f21cb3f4c3acba81c796da5f4a1f575c8f8eb54f1b40ce16fa1d91df006d00250cd0aa7e1f9fffecba1b
ep_bytes: 558bec81ec3c08000053565733f656ff
timestamp: 2013-10-10 12:24:34

Version Info:

0: [No Data]

Malware.AI.2198818573 is also known as (vendor | detection name):

Bkav | W32.AIDetectMalware
tehtris | Generic.Malware
Cynet | Malicious (score: 100)
CAT-QuickHeal | Trojan.Mauvaise.SL1
McAfee | GenericATG-FKM!87DFAA54CF92
Malwarebytes | Malware.AI.2198818573
VIPRE | Trojan.GenericKDZ.74346
Sangfor | Trojan.Win32.Save.a
K7AntiVirus | Trojan-Downloader ( 0055f33b1 )
K7GW | Trojan-Downloader ( 004b972f1 )
CrowdStrike | win/malicious_confidence_100% (D)
Baidu | Win32.Trojan-Downloader.Waski.k
Cyren | W32/Upatre.KG.gen!Eldorado
Symantec | Downloader.Upatre!gm
Elastic | malicious (high confidence)
ESET-NOD32 | a variant of Win32/TrojanDownloader.Waski.A
APEX | Malicious
ClamAV | Win.Downloader.Upatre-7598844-0
Kaspersky | HEUR:Trojan.Win32.Generic
BitDefender | Trojan.GenericKDZ.74346
MicroWorld-eScan | Trojan.GenericKDZ.74346
Avast | Win32:Downloader-WID [Trj]
Tencent | Trojan.Win32.Downloader.wb
Emsisoft | Trojan.GenericKDZ.74346 (B)
F-Secure | Trojan.TR/Crypt.XPACK.Gen
DrWeb | Trojan.DownLoad3.28161
Zillya | Downloader.Waski.Win32.58996
TrendMicro | TROJ_UPATRE.SM37
Trapmine | malicious.high.ml.score
FireEye | Generic.mg.87dfaa54cf92a83b
Sophos | Troj/Upatre-YW
SentinelOne | Static AI – Suspicious PE
GData | Win32.Trojan.PSE.11PMVLB
Jiangmin | Trojan/Generic.azrzv
Avira | TR/Crypt.XPACK.Gen
MAX | malware (ai score=81)
Antiy-AVL | Trojan/Win32.Waski.a
Xcitium | TrojWare.Win32.TrojanDownloader.Small.CDC@8mzsfr
Arcabit | Trojan.Generic.D1226A
ZoneAlarm | HEUR:Trojan.Win32.Generic
Microsoft | Trojan:Win32/Upatre.AMN!MTB
Google | Detected
AhnLab-V3 | Trojan/Win32.Dloader.R87521
BitDefenderTheta | Gen:NN.ZexaF.36302.bqX@aSoVMOi
ALYac | Trojan.GenericKDZ.74346
VBA32 | Trojan.Download
Cylance | unsafe
Panda | Trj/GdSda.A
TrendMicro-HouseCall | TROJ_UPATRE.SM37
Rising | Downloader.Agent!1.C06E (CLASSIC)
Yandex | Trojan.GenAsa!xjw/xZS1BKE
Ikarus | Trojan-Downloader.Win32.Upatre
MaxSecure | Trojan.Upatre.Gen
Fortinet | W32/Waski.A!tr
AVG | Win32:Downloader-WID [Trj]
DeepInstinct | MALICIOUS

How to remove Malware.AI.2198818573?

Malware.AI.2198818573 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
