Malware.AI.22844680 removal guide

Malware.AI.22844680 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period lets you run a complete scan and cure your PC.
6-day free trial available.

What can the Malware.AI.22844680 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)

How to identify Malware.AI.22844680?

File Info:

name: 46D18F0E5506F1005AC7.mlw
path: /opt/CAPEv2/storage/binaries/b0db6c422cc036ef1fb8612738b04da444d896899faae23b7de42368abcd987a
crc32: 4DC9D6EF
md5: 46d18f0e5506f1005ac738fca2dfb354
sha1: 93a207c8517993fc6aaaa8a8932be5838cbe6bc0
sha256: b0db6c422cc036ef1fb8612738b04da444d896899faae23b7de42368abcd987a
sha512: a500411a63f6b512fc4ada72bada5011a4fe3b91fd7d1adc54b5605483610570f3a533e949ebfc589ae8a2e2ab8423e66c9cc2ad224580a0aaa88fc43a8e5525
ssdeep: 12288:jw35dS4X8AnVyiKdXZcqt/dmzwxCkTa36qVxPmY94I2aCPIweqK08RmR0LviGtFX:E35dPpXWa3rvuCv2aC7/MmOfn/ADejd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18E454802954844AFE303C733146AA3D0D114A83F2A2E779A3D59B11BFF7DD8BA1C675A
sha3_384: 4d3b35fcee7ed57821495e5aae892171880cc4c5e043b709414bfdabe1f64066490aa99e6e338d8f1d0c2a514d263b4d
ep_bytes: e8f0570000e978feffff8bff558bec56
timestamp: 2013-07-26 07:53:37

Version Info:

0: [No Data]

Malware.AI.22844680 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.CozyDuke.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.377865
ClamAV: Win.Dropper.Cozybear-3
FireEye: Gen:Variant.Zusy.377865
CAT-QuickHeal: TrojanAPT.CozyDuke.A5
McAfee: BackDoor-FCNJ!98A6484533FA
Cylance: Unsafe
VIPRE: Gen:Variant.Zusy.377865
Sangfor: Backdoor.Win32.Cozyduke.Vp6d
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Cozer.64076310
K7GW: Trojan ( 005729631 )
CrowdStrike: win/malicious_confidence_60% (W)
VirIT: Backdoor.Win32.Generic.CBYK
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Cozer.D
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan.Win32.CozyDuke.gen
BitDefender: Gen:Variant.Zusy.377865
NANO-Antivirus: Trojan.Win32.Cozybear.dpcwih
Avast: Win32:CozyDuke-F [Cryp]
Sophos: Mal/RarMal-H
Comodo: Malware@#jg9p506onpb2
DrWeb: BackDoor.CozyDuke.2
Zillya: Trojan.Cozybear.Win32.24
TrendMicro: TROJ_COZER.LN
McAfee-GW-Edition: BackDoor-FCNJ!98A6484533FA
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Zusy.377865 (B)
SentinelOne: Static AI – Suspicious SFX
Jiangmin: Trojan.MSIL.akcou
Avira: HEUR/AGEN.1224531
Antiy-AVL: Trojan/Generic.ASSuf.2944F
Kingsoft: Win32.Troj.Generic_a.c.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Zusy.377865
Google: Detected
AhnLab-V3: Trojan/Win32.Cozer.C820329
VBA32: BScope.Trojan.CozyDuke
ALYac: Gen:Variant.Zusy.377865
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.22844680
TrendMicro-HouseCall: TROJ_COZER.LN
Rising: Trojan.Win32.Cozybear.c (CLASSIC)
Yandex: Trojan.GenAsa!U7+dIZiQSsU
Ikarus: Trojan.Win32.Cozer
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Cozybear.I!tr
AVG: Win32:CozyDuke-F [Cryp]
Cybereason: malicious.e5506f
Panda: Trj/CI.A

How to remove Malware.AI.22844680?

Malware.AI.22844680 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.