About “Malware.AI.2366792512” infection

Malware.AI.2366792512 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2366792512 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2366792512?

File Info:

name: 27CB805E741CE4B47F60.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-11-26 15:15:43

Version Info:

CompanyName: nerds.de
FileDescription: Audio LoopBack Monitor
FileVersion: 1.2.0.0
InternalName: loopBeAudio.exe
LegalCopyright: (c) 2014 - 2015 nerds.de. All rights reserved.
OriginalFilename: loopBeAudio.exe
ProductName: loopBeAudio
ProductVersion: 1.2.0.0
Translation: 0x0409 0x04e4

Malware.AI.2366792512 also known as:

Bkav: W32.Common.81A84B1B
Lionic: Trojan.Win32.Emotet.L!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.69588697
FireEye: Trojan.GenericKD.69588697
Skyhigh: BehavesLike.Win32.Dropper.vc
McAfee: Artemis!27CB805E741C
Malwarebytes: Malware.AI.2366792512
VIPRE: Trojan.GenericKD.69588697
Sangfor: Virus.Win32.Patched.Vpz1
K7AntiVirus: Trojan ( 005ab4bf1 )
BitDefender: Trojan.GenericKD.69588697
K7GW: Trojan ( 005ab4bf1 )
BitDefenderTheta: Gen:NN.ZexaF.36792.us0@amrhZKkO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Patched.NKM
APEX: Malicious
Kaspersky: Virus.Win32.Senoval.a
Alibaba: Virus:Win32/Senoval.fb1a97df
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Rising: Trojan.Generic@AI.100 (RDML:jSHaKZ4xUTVCqaEaQIHWkA)
Sophos: Mal/Generic-S
DrWeb: Win32.Beetle.2
Emsisoft: Trojan.GenericKD.69588697 (B)
Ikarus: Trojan.Win32.Patched
GData: Win32.Trojan.PSE.13HENTO
Google: Detected
Varist: W32/Convagent.EL.gen!Eldorado
Antiy-AVL: Trojan/Win32.Wacatac
Arcabit: Trojan.Generic.D425D6D9
ZoneAlarm: Virus.Win32.Senoval.a
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R604136
VBA32: BScope.TrojanDownloader.Emotet
ALYac: Trojan.GenericKD.69588697
MAX: malware (ai score=87)
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R049H09JA23
Tencent: Trojan.Win32.Pathced_ya.16001052
MaxSecure: Trojan.Malware.218922994.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWX [Trj]
Avast: Win32:Patched-AWX [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2366792512?

Malware.AI.2366792512 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
