What is “Malware.AI.2425873718”?

Malware.AI.2425873718 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2425873718 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Harvests cookies for information gathering

How to identify Malware.AI.2425873718?

File Info:

name: F9E622533E99218426CE.mlw
path: /opt/CAPEv2/storage/binaries/efe54c9b229aae6bf634fa79e90cff897f72fa3016f648a2599a04b4d1807b5e
crc32: DE498760
md5: f9e622533e99218426ce4622c65c98ca
sha1: 198202337b238bf6715cdf1a9bd344c6fe70708b
sha256: efe54c9b229aae6bf634fa79e90cff897f72fa3016f648a2599a04b4d1807b5e
sha512: e85b16acdd9041d664b48ad3e89dfc8d4823f5adc2694697b2870514caec9d3e3fd47891baef4e02d5cc25dc58174c5a05c1370cffc9cc7558f66f75a7ae0b4a
ssdeep: 6144:txp/7ZH7V7e+IGsI3lfucN1ncpHucN1/MRN7dDthMAJRfwHoqhE2KjPlACucN1:tf/L7Y/kucN1YHucN1/MRNd/FR5nlACZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18F74AF02A700DC87E90882F12946CAB5BC646F706186956FB374BF8E3A316D775F532B
sha3_384: 5833922b573fb9fac670bbae8b8b59458b3b109b1b99e939257c9cc8417166f7322c91c8f4a1d589e77d1e30d674f40a
ep_bytes: 6818134100e8f0ffffff000000000000
timestamp: 2011-07-14 05:07:27

Version Info:

Translation: 0x0804 0x04b0
CompanyName: OK网
FileDescription: 企鹅QQ斗地主记牌器
LegalCopyright: OK网
LegalTrademarks: 企鹅记牌器
ProductName: 企鹅QQ斗地主记牌器update
FileVersion: 6.04
ProductVersion: 6.04
InternalName: ddz
OriginalFilename: ddz.exe

Malware.AI.2425873718 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.DarkKomet.m!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Zusy.192622
FireEye: Generic.mg.f9e622533e992184
McAfee: GenericRXAA-AA!F9E622533E99
Cylance: Unsafe
Zillya: Trojan.BHO.Win32.33412
Sangfor: Trojan.Win32.Tiggre.rfn
K7AntiVirus: Trojan ( 00266fde1 )
Alibaba: Trojan:Win32/Vebzenpak.ccf51a94
K7GW: Trojan ( 00266fde1 )
Cybereason: malicious.33e992
BitDefenderTheta: Gen:NN.ZevbaF.34754.um0@ai9@Oloj
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/BHO.OFP
Baidu: Win32.Trojan.Taobho.a
TrendMicro-HouseCall: TROJ_GEN.R03BC0WK322
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Vebzenpak.afrh
BitDefender: Gen:Variant.Zusy.192622
NANO-Antivirus: Trojan.Win32.BHO.fcongf
Cynet: Malicious (score: 100)
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Vebzenpak.Gwnw
Ad-Aware: Gen:Variant.Zusy.192622
Emsisoft: Gen:Variant.Zusy.192622 (B)
DrWeb: Trojan.MulDrop2.62064
VIPRE: Gen:Variant.Zusy.192622
TrendMicro: TROJ_GEN.R03BC0WK322
McAfee-GW-Edition: BehavesLike.Win32.Trojan.fh
SentinelOne: Static AI – Suspicious PE
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
APEX: Malicious
GData: Gen:Variant.Zusy.192622
Avira: TR/Dropper.Gen
Arcabit: Trojan.Zusy.D2F06E
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
ALYac: Gen:Variant.Zusy.192622
MAX: malware (ai score=87)
VBA32: TScope.Trojan.VB
Malwarebytes: Malware.AI.2425873718
Rising: Trojan.BHO!8.1C4 (TFE:5:htro2Hyut6D)
Yandex: Trojan.GenAsa!0W5aRVJIZnA
Ikarus: Trojan-Dropper.Win32.Taob
Fortinet: W32/Generic.AP.19EE890!tr
AVG: Win32:Malware-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2425873718?

Malware.AI.2425873718 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.