Malware.AI.2421380070 removal tips

The Malware.AI.2421380070 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2421380070 virus can do?

Creates RWX memory
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.2421380070?


File Info:
name: 7DA6BBE82FDA09FDCEF7.mlw
path: /opt/CAPEv2/storage/binaries/536cccd6bf8f539da2beca16907de2d8da7e5cd6618215915ea22401a19c5879
crc32: 68C55178
md5: 7da6bbe82fda09fdcef746ef89fc2977
sha1: 2021279c7cf92e918bb026cc02c10af7410a1b49
sha256: 536cccd6bf8f539da2beca16907de2d8da7e5cd6618215915ea22401a19c5879
sha512: 9171503c23719fe738517c278d2ee158e013b04e28a1fc072310583f4711a64a3b140f4dc361634a481e37d6f3f5570c5a08f6cee033a8556b6fb8cd2a8712b7
ssdeep: 24576:+3IthDQ8qo8EX9yFBPStfjTGi2JqdZ6t6AWl:GRvpS0ieqdZ6AAW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T103156B13B284583BD0661A365C678360693F7A7C2A96FC573EE40D0E0F792A12D3EB57
sha3_384: d0e16ca8d78263085ef3e0e16c8236122eb2b31efd3f12f6a56678bbfb7d8d423dfb86f19612a5b4c867d6742638fd1d
ep_bytes: 558bec83c4f0b8a00f4d00e83837f3ff
timestamp: 2013-01-09 01:25:44

Version Info:
CompanyName: Sinacotal
FileDescription: Rebulo Pefucake
FileVersion: 2.5.2.21
InternalName: Pasofob
LegalCopyright: 
LegalTrademarks: 
OriginalFilename: PasofobTudoled.exe
ProductName: Depakinap Reto
ProductVersion: 2.6.25.93

Malware.AI.2421380070 also known as:

Bkav	W32.AIDetect.malware1
Lionic	Adware.Win32.DealPly.2!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Adware.DealPly.2.Gen
FireEye	Generic.mg.7da6bbe82fda09fd
McAfee	GenericRXAA-AA!7DA6BBE82FDA
Malwarebytes	Malware.AI.2421380070
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Adware ( 00533e0a1 )
K7AntiVirus	Adware ( 00533e0a1 )
Arcabit	Adware.DealPly.2.Gen
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/DealPly.QN potentially unwanted
APEX	Malicious
Paloalto	generic.ml
Kaspersky	not-a-virus:UDS:AdWare.Win32.DealPly
BitDefender	Adware.DealPly.2.Gen
ViRobot	Adware.Dealply.929280.HS
Avast	Win32:DealPly-AJ [Adw]
Ad-Aware	Adware.DealPly.2.Gen
Emsisoft	Adware.DealPly.2.Gen (B)
Zillya	Adware.DealPly.Win32.392457
TrendMicro	TROJ_GEN.R002C0OGQ21
McAfee-GW-Edition	BehavesLike.Win32.Generic.dh
Sophos	Generic PUA CA (PUA)
Ikarus	PUA.DealPly
Avira	HEUR/AGEN.1112083
Antiy-AVL	Trojan/Generic.ASMalwS.3064122
Gridinsoft	Ransom.Win32.Zbot.oa
Microsoft	Program:Win32/Wacapew.C!ml
SUPERAntiSpyware	PUP.DealPly/Variant
GData	Adware.DealPly.2.Gen
AhnLab-V3	PUP/Win32.DealPly.C3269049
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZelphiF.34160.4O0@aiB4Aoei
MAX	malware (ai score=60)
VBA32	Adware.DealPly
TrendMicro-HouseCall	TROJ_GEN.R002C0OGQ21
Rising	PUF.DealPly!1.AA42 (C64:YzY0OqkjTNqbk5WH)
Yandex	Riskware.Agent!rG3FAxeKbxY
SentinelOne	Static AI – Malicious PE
Fortinet	Riskware/DealPly
AVG	Win32:DealPly-AJ [Adw]
Cybereason	malicious.82fda0
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.73560392.susgen

How to remove Malware.AI.2421380070?

Malware.AI.2421380070 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X