Malware.AI.2258248107 information

Malware.AI.2258248107 is the Malwarebytes detection name for this sample; the other vendors listed below flag the same file as a trojan, several of them as AgentTesla, a credential stealer. When the infection is active you may notice unfamiliar processes in Task Manager. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing malware manually may take hours and may damage the system in the process. We recommend using GridinSoft Anti-Malware for removal; the 6-day free trial lets you run a full scan and clean the PC.

What can Malware.AI.2258248107 do?

The following behaviour signatures were raised when the sample was executed in an analysis sandbox:

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Creates a copy of itself

How to identify Malware.AI.2258248107?

File Info:

crc32: EB51C9E6
md5: 406914688fb6658ef9939b305bc9d5e4
name: 406914688FB6658EF9939B305BC9D5E4.mlw
sha1: c96792790fa0bc99c26a3affdd35f6ff2bee6064
sha256: a353e30831fba78c7d08215500b4dadcdd20e5b147af66d6610012209e515aea
sha512: f839bc07df4e8ff61b5e8816d988dcb973911b416fe364c9178b86b58aacebef1a4f566d7297be63eaf0d9573b5832c4af94a075e9715bb5a1af5f6152f7ec81
ssdeep: 24576:JipYZbPCG0J0j45Dn7ooQKTy4XMvmDtc8:hFPi/5Ioxy4XhDu8
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
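To turn the behaviour list above and the File Info hashes into something a responder can actually run, here is an added Python triage script. It is not code from the original page, and not GridinSoft's or Malwarebytes' code. It computes the same five digests the page lists and compares them with the page's values, checks whether the PE carries a CLR runtime header (which is what the "Mono/.Net assembly" in the type field means), and measures byte entropy as a rough proxy for the "binary likely contains encrypted or compressed data" signature. The `build_minimal_pe()` helper, the 7.0 entropy threshold and the `triage()` output layout are my own assumptions for illustration; the skeleton PE it builds is constructed and is not the sample.

```python
"""Static triage helpers for the sample described on this page (added example)."""
import hashlib
import math
import struct
import zlib

# Hash values taken from the page's File Info section, lower-cased for comparison.
IOCS = {
    "crc32": "eb51c9e6",
    "md5": "406914688fb6658ef9939b305bc9d5e4",
    "sha1": "c96792790fa0bc99c26a3affdd35f6ff2bee6064",
    "sha256": "a353e30831fba78c7d08215500b4dadcdd20e5b147af66d6610012209e515aea",
    "sha512": "f839bc07df4e8ff61b5e8816d988dcb973911b416fe364c9178b86b58aacebef"
              "1a4f566d7297be63eaf0d9573b5832c4af94a075e9715bb5a1af5f6152f7ec81",
}

IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14  # data-directory slot of the CLR runtime header


def file_hashes(data: bytes) -> dict:
    """Compute the same digest set the page lists for the sample."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def match_iocs(data: bytes, iocs: dict = IOCS) -> list:
    """Return the names of every listed hash that matches the given bytes."""
    computed = file_hashes(data)
    return sorted(name for name, value in iocs.items() if computed.get(name) == value.lower())


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values close to 8.0 suggest packed or encrypted content."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def is_dotnet_pe(data: bytes) -> bool:
    """True if the PE has a non-empty CLR runtime header (a .NET/Mono assembly)."""
    try:
        if data[:2] != b"MZ":
            return False
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return False
        opt = e_lfanew + 4 + 20                 # optional header follows the 20-byte COFF header
        magic = struct.unpack_from("<H", data, opt)[0]
        if magic == 0x10B:                      # PE32
            ndirs_off = 92
        elif magic == 0x20B:                    # PE32+
            ndirs_off = 108
        else:
            return False
        ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
        if ndirs <= IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR:
            return False
        entry = opt + ndirs_off + 4 + IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR * 8
        rva, size = struct.unpack_from("<II", data, entry)
        return rva != 0 and size != 0
    except struct.error:                        # truncated or malformed header
        return False


def triage(data: bytes, iocs: dict = IOCS) -> dict:
    """Summarise the static checks a responder runs before deeper analysis."""
    entropy = shannon_entropy(data)
    return {
        "ioc_matches": match_iocs(data, iocs),
        "dotnet": is_dotnet_pe(data),
        "entropy": round(entropy, 3),
        "likely_packed": entropy > 7.0,         # common heuristic threshold, assumed here
    }


def build_minimal_pe(dotnet: bool) -> bytes:
    """Constructed PE32 header skeleton (no sections) used to exercise is_dotnet_pe offline."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)       # e_lfanew: PE signature right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 0 sections, PE32 opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)         # NumberOfRvaAndSizes
    if dotnet:                                  # point the CLR header slot at a fake RVA/size
        struct.pack_into("<II", opt, 96 + IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR * 8, 0x2008, 0x48)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    import sys
    # Usage: python triage.py <suspect.exe>; with no argument it runs on the constructed skeleton.
    sample = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(True)
    print(triage(sample))
```

Hash matching is exact, so it only confirms an identical file; a repacked build of the same stealer will miss every entry, which is why the entropy and .NET checks are there as cheap secondary signals. Entropy is a heuristic: signed installers and media-heavy binaries also score high, so treat "likely_packed" as a prompt for dynamic analysis, not a verdict.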

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2019
Assembly Version: 1.0.0.0
InternalName: zshUDQ6eW.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: Roulette Reloaded
ProductVersion: 1.0.0.0
FileDescription: Roulette Reloaded
OriginalFilename: zshUDQ6eW.exe

Malware.AI.2258248107 is the Malwarebytes name for this sample. Other vendors detect the same file as:

  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.PWS.Siggen3.68
  • Cynet: Malicious (score: 100)
  • CAT-QuickHeal: Trojan.MSIL
  • ALYac: Gen:Variant.MSILHeracles.18377
  • Cylance: Unsafe
  • Sangfor: Trojan.Win32.Save.a
  • CrowdStrike: win/malicious_confidence_100% (W)
  • Alibaba: Trojan:Win32/starter.ali1000139
  • K7GW: Trojan ( 0057e1141 )
  • Cybereason: malicious.90fa0b
  • Cyren: W32/Trojan.GJM.gen!Eldorado
  • Symantec: Trojan.Gen.2
  • ESET-NOD32: a variant of MSIL/Kryptik.ABMH
  • APEX: Malicious
  • Avast: Win32:PWSX-gen [Trj]
  • Kaspersky: HEUR:Trojan.MSIL.Taskun.gen
  • BitDefender: Gen:Variant.MSILHeracles.18377
  • MicroWorld-eScan: Gen:Variant.MSILHeracles.18377
  • Ad-Aware: ATI:AgentTesla.17F71F80
  • Sophos: Mal/Generic-S
  • Comodo: Malware@#13lwovrxapsp6
  • BitDefenderTheta: Gen:NN.ZemsilF.34738.bn0@a0hToD
  • McAfee-GW-Edition: PWS-FCTJ!406914688FB6
  • FireEye: Generic.mg.406914688fb6658e
  • Emsisoft: Gen:Variant.MSILHeracles.18377 (B)
  • SentinelOne: Static AI - Malicious PE
  • Webroot: W32.Malware.Gen
  • Avira: TR/AD.AgentTesla.doyvp
  • Kingsoft: Win32.Troj.Undef.(kcloud)
  • Microsoft: Trojan:MSIL/AgentTesla.BFF!MTB
  • Arcabit: Trojan.MSILHeracles.D47C9
  • AegisLab: Trojan.MSIL.Taskun.4!c
  • GData: Gen:Variant.MSILHeracles.18377
  • AhnLab-V3: Trojan/Win.AgentTesla.C4526962
  • McAfee: PWS-FCTJ!406914688FB6
  • MAX: malware (ai score=82)
  • Malwarebytes: Malware.AI.2258248107
  • Panda: Trj/GdSda.A
  • TrendMicro-HouseCall: TROJ_GEN.F0D1C00FF21
  • Yandex: Trojan.Igent.bV3pcP.2
  • Ikarus: Trojan.MSIL.Inject
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: MSIL/Kryptik.ABLG!tr
  • AVG: Win32:PWSX-gen [Trj]
  • Paloalto: generic.ml

How to remove Malware.AI.2258248107?

Malware.AI.2258248107 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the browser and options to reset, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
