
Malware.AI.2351378379 removal tips


Malware.AI.2351378379 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.2351378379 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with a /C or /R argument to terminate the command shell on completion, which can be used to hide execution
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location

How to determine Malware.AI.2351378379?

File Info:

name: A6604BA7417FA1E51CB5.mlw
path: /opt/CAPEv2/storage/binaries/53753c9fb31c5545e5c6a857f07c8d041d8c09556ce764668dc202ca5ee74364
crc32: 834A4186
md5: a6604ba7417fa1e51cb5a2a901a559b0
sha1: 0c1d8c5906d5d74b5ee7bded30ae6cdcef48c74d
sha256: 53753c9fb31c5545e5c6a857f07c8d041d8c09556ce764668dc202ca5ee74364
sha512: c7260db37cbbdc97d92a8cce490d01743f487887ac83992bdc3535b4387bf5bcc8d321249fd31be591c7470d9b38cfbdce81331322cded1dadcbbfd63c023d85
ssdeep: 49152:juW4azxLsgNTASaI69qPWmI4pxk4V3+B4e:juWpLhNt/dPIiv+ae
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D7752303FAC1D8B2D55228365765ABA4B4B8F2200F50CDEFA3D54B5EDA211D0EB35AD3
sha3_384: a34f2015264ad61721fc337d54347133fd66e70642f94a3c4f783a6beb11924123cdedfedcb4e476d8c03cf43cdf48a8
ep_bytes: e866050000e978feffffcccccccccccc
timestamp: 2022-01-24 07:31:18

Version Info:

0: [No Data]

Malware.AI.2351378379 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Malwarebytes: Malware.AI.2351378379
BitDefender: Trojan.Rasftuby.Gen.14
Arcabit: Trojan.Rasftuby.Gen.14
Cyren: W32/Trojan.JZDM-6060
tehtris: Generic.Malware
ClamAV: Win.Malware.Fugrafa-9938779-0
Kaspersky: HEUR:Trojan.Win32.Generic
MicroWorld-eScan: Trojan.Rasftuby.Gen.14
Ad-Aware: Trojan.Rasftuby.Gen.14
Sophos: Generic ML PUA (PUA)
Zillya: Trojan.Bingoml.Win32.8340
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.a6604ba7417fa1e5
Emsisoft: Trojan.Rasftuby.Gen.14 (B)
Microsoft: Trojan:Win32/Sabsik.FT.A!ml
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Rasftuby.Gen.14
Acronis: suspicious
ALYac: Trojan.Rasftuby.Gen.14
MAX: malware (ai score=87)
APEX: Malicious
MaxSecure: Trojan.Malware.121218.susgen
Cybereason: malicious.7417fa

How to remove Malware.AI.2351378379?

Malware.AI.2351378379 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
