Malware

About “Malware.AI.2266790872” infection

Malware Removal

The Malware.AI.2266790872 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Malware.AI.2266790872 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Authenticode signature is invalid

How to determine Malware.AI.2266790872?


File Info:

name: D1C7BA83CB7482F82EF0.mlw
path: /opt/CAPEv2/storage/binaries/dee20c6ea915fb95976565f2efeb995d0dc1dd118ff462321e023a1818395f17
crc32: F2AE3F6B
md5: d1c7ba83cb7482f82ef0515f214586f9
sha1: f9e32ba269060e561dccf83d88339a6ddcfbdc0e
sha256: dee20c6ea915fb95976565f2efeb995d0dc1dd118ff462321e023a1818395f17
sha512: 57b1d4b427213f361a28a96aefeb6aab3c61971f46b826737d75512068070bc52a66c3aa6a0f92c8eb3ba7c77082db57f2f0042e8970a52649fdccf78fc96af6
ssdeep: 12288:EKAINBcPNJwDvJAhBdMfJhYh3OBMHyTrkbz5zUMitwFXmhlZv+ke0KilggxYHCoG:EJ3YPKNLTRSn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T107A4AF207582C0B2EC2202F49D34EE6DEB7DBD754420CD177BD48979EF30AD19A26A76
sha3_384: 4d377e8111ddced181ca53995c5e0337befce8ab25a21aeb275197b9a36d32200ec3bcbe41e74d4bfb27912e15a3b696
ep_bytes: e87e060000e97afeffff558becf64508
timestamp: 2022-06-13 20:19:46

Version Info:

0: [No Data]

Malware.AI.2266790872 also known as:

BkavW32.AIDetect.malware1
LionicTrojan.Win32.Agent.4!c
MicroWorld-eScanGen:Variant.Zusy.403135
FireEyeGeneric.mg.d1c7ba83cb7482f8
ALYacGen:Variant.Zusy.403135
CylanceUnsafe
SangforTrojan.Win32.Save.a
K7AntiVirusSpyware ( 005897661 )
AlibabaTrojanSpy:Win32/SpywareX.e984c73c
K7GWSpyware ( 005897661 )
Cybereasonmalicious.269060
BitDefenderThetaGen:NN.ZexaF.34742.BqW@aO!Jucb
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/Spy.Agent.QEQ
TrendMicro-HouseCallTrojanSpy.Win32.VIDAR.YXCFWZ
Paloaltogeneric.ml
KasperskyHEUR:Trojan.Win32.Agent.gen
BitDefenderGen:Variant.Zusy.403135
AvastWin32:SpywareX-gen [Trj]
TencentWin32.Trojan.Agent.Wrgh
Ad-AwareGen:Variant.Zusy.403135
SophosMal/Generic-S
TrendMicroTrojanSpy.Win32.VIDAR.YXCFWZ
McAfee-GW-EditionBehavesLike.Win32.Agent.gh
Trapminesuspicious.low.ml.score
EmsisoftGen:Variant.Zusy.403135 (B)
GDataGen:Variant.Zusy.403135
AviraHEUR/AGEN.1210448
MAXmalware (ai score=81)
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win.Frs.C5095726
McAfeeGenericRXSN-VK!D1C7BA83CB74
VBA32BScope.TrojanDropper.Agent
MalwarebytesMalware.AI.2266790872
APEXMalicious
RisingTrojan.Generic@AI.81 (RDML:HBZWRMOGdXKHC9SdFeVz0w)
SentinelOneStatic AI – Malicious PE
FortinetW32/Agent.QEQ!tr.spy
AVGWin32:SpywareX-gen [Trj]
CrowdStrikewin/malicious_confidence_90% (W)

How to remove Malware.AI.2266790872?

Malware.AI.2266790872 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment