Malware.AI.2402924863 information

Malware.AI.2402924863 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the Malware.AI.2402924863 virus do?

  • Attempts to connect to a dead IP:Port (1 unique time)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.2402924863?

File Info:

name: AF29DD21A450F668CC12.mlw
path: /opt/CAPEv2/storage/binaries/bd4a587870c21933f5d47e2b92d249017ab4ef86360409d935c4488c6bffd7d4
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-04-05 18:42:54

Version Info:

0: [No Data]

Malware.AI.2402924863 also known as:

Bkav: W32.AIDetect.malware1
Cynet: Malicious (score: 100)
McAfee: Trojan-FSPW!5E02B7E717A1
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004b78a51 )
K7GW: Trojan ( 004b78a51 )
Cybereason: malicious.1a450f
Cyren: W32/QQhelper.C.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: Win32/Farfli.BLH
APEX: Malicious
ClamAV: Win.Trojan.Gh0stRAT-7480037-0
Kaspersky: HEUR:Backdoor.Win32.Generic
BitDefender: Generic.ZegostB.D632417E
NANO-Antivirus: Trojan.Win32.Farfli.fabycr
MicroWorld-eScan: Generic.ZegostB.D632417E
Avast: Win32:Farfli-CD [Trj]
Tencent: Malware.Win32.Gencirc.10b3bf25
Ad-Aware: Generic.ZegostB.D632417E
Emsisoft: Generic.ZegostB.D632417E (B)
Comodo: TrojWare.Win32.GameThief.Magania.~NWABU@18g2sq
F-Secure: Trojan.TR/Spy.Gen
DrWeb: Trojan.DownLoader26.35525
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.mc
FireEye: Generic.mg.af29dd21a450f668
Sophos: Mal/Behav-001
Ikarus: Trojan.Win32.Farfli
GData: Generic.ZegostB.D632417E
Jiangmin: Trojan.Vehidis.jf
Avira: TR/Spy.Gen
Arcabit: Generic.ZegostB.DD9A661E
ZoneAlarm: HEUR:Backdoor.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
TACHYON: Trojan/W32.Agent.43520.ACK
AhnLab-V3: Trojan/Win32.RL_AutoRun.R370508
VBA32: BScope.Trojan.Downloader
ALYac: Generic.ZegostB.D632417E
MAX: malware (ai score=80)
Malwarebytes: Malware.AI.2402924863
Rising: Backdoor.Farfli!1.64B3 (TFE:dGZlOgXf3nTmFA6KfQ)
Yandex: Trojan.GenAsa!AxWoKmZHW3g
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Farfli.BLH!tr
BitDefenderTheta: AI:Packer.69519E421E
AVG: Win32:Farfli-CD [Trj]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Malware.AI.2402924863?

Malware.AI.2402924863 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.