About “Malware.AI.2235937286” infection

Malware.AI.2235937286 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2235937286 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Created a process from a suspicious location
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Malware.AI.2235937286?

File Info:

name: ABAAE34C1ADA1672C988.mlw
path: /opt/CAPEv2/storage/binaries/5f65fc9148b4ec1ac093257a7ec7758af7c35f47353f7fb73d699127f7d7e920
crc32: 59912399
md5: abaae34c1ada1672c988b52390a9e5ba
sha1: d5087240990435ff57ec1fc7664c9bdb2a783de2
sha256: 5f65fc9148b4ec1ac093257a7ec7758af7c35f47353f7fb73d699127f7d7e920
sha512: 929287510fde55c2aab8ce7c04dcc9817ec92219a972da0a70432f184c485ba3569eba9958d0f0a40846f56d0719a68ddec91f3cb10c8fb9446fc47e81ee7874
ssdeep: 768:ThjrhoahHKVxvmgtxypOd/22fZ3SSPsED3VK2+ZtyOjgO4r9vFAg2rqzUd:TtrhXFf6ypOd/22fZ3lYTjipvF2KU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D9432921B7C190B1E4A702318476C9F1523BBD96BCB1422F3E99375EA8B2A918C55F1F
sha3_384: 4d8d23e32b7a836e25ff695a77c62a64b994ed5d0218e8e2201b79d8991d3587c926f07da239a52800a6e2bbe17dc747
ep_bytes: 558bec6aff684030400068001b400064
timestamp: 2014-03-31 19:24:37

Version Info:

0: [No Data]

Malware.AI.2235937286 also known as:

Bkav: W32.FamVT.GeND.Trojan
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader9.53400
MicroWorld-eScan: Trojan.Downloader.JQMW
FireEye: Generic.mg.abaae34c1ada1672
CAT-QuickHeal: TrojanPWS.Zbot.Gen
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic.pak!cobra
CrowdStrike: win/malicious_confidence_90% (D)
BitDefender: Trojan.Downloader.JQMW
K7GW: Trojan-Downloader ( 004941701 )
K7AntiVirus: Trojan-Downloader ( 004941701 )
BitDefenderTheta: Gen:NN.ZexaF.34294.dqY@a0zSinci
Cyren: W32/Trojan.GWMH-3336
ESET-NOD32: Win32/TrojanDownloader.Waski.B
TrendMicro-HouseCall: TROJ_UPATRE.SMN7
ClamAV: Win.Downloader.Upatre-5744087-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Crypted.cwaqgb
Tencent: Malware.Win32.Gencirc.10b8c426
Emsisoft: Trojan.Downloader.JQMW (B)
Comodo: TrojWare.Win32.Injector.KCF@59nxkk
Zillya: Dropper.Injector.Win32.61232
TrendMicro: TROJ_UPATRE.SMN7
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.qt
Sophos: ML/PE-A + Mal/Zbot-PY
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDropper.Injector.avne
Avira: TR/MSIL.Injector.kbcq
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.954313
GData: Win32.Trojan.Injector.AI
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R103174
Acronis: suspicious
McAfee: Trojan-FDYB!ABAAE34C1ADA
VBA32: TrojanDropper.Injector
Malwarebytes: Malware.AI.2235937286
APEX: Malicious
Rising: Trojan.Generic@ML.98 (RDML:tX5NCntTQZpz2hM2OZrWhg)
Yandex: Trojan.DR.Injector!i/OD2JI8k1M
Ikarus: Virus.Win32.Vundo
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Bublik.TT!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.2235937286?

Malware.AI.2235937286 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.