Malware.AI.2429004610 information

Malware Removal

Malware.AI.2429004610 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2429004610 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.2429004610?

File Info:

name: B6C52E39B645A67F1912.mlw
path: /opt/CAPEv2/storage/binaries/ec8b533214beda39f6c406091ab0885267973edc82bde82761667fd5e9edbc6a
crc32: 12C700F8
md5: b6c52e39b645a67f191218c65dc99f5e
sha1: 6bdd545c09547ddc3c261ff62f12aef5a9ef0452
sha256: ec8b533214beda39f6c406091ab0885267973edc82bde82761667fd5e9edbc6a
sha512: f0491ba7c44dece79396798ae7ea37704ff213c95472640348fd03806da2930bbebb1dafc66bddce4189999a3eea65822c3f80753e87a5ba73478ffcb4bbc592
ssdeep: 24576:x5LU8mHvbAglYyV+WMLbvNVKDFzwTI7QjizxHBC3nCKUUrLY6PCyfptnv7:vLzclAJTMVhBC3CmrH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T125658C21A6D04436C0B39A79581FC35B6C177D2FB92454CAABBCFA085A3438BFF17166
sha3_384: 0568f2fce49643697e3f56448fc7ed827080ed5c0313d1ce2ef799ce618a6cd8f5581ce0470393a53cb380e47f16d323
ep_bytes: 558bec83c4f0535657b8b0364600e86d
timestamp: 2021-07-29 12:26:20

Version Info:

CompanyName: GDM
FileDescription: LOCABA
FileVersion: 2.4.2.4
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename:
ProductName: v
ProductVersion: 2.4.2.4
Comments: SMSA
Translation: 0x0409 0x04e4

Malware.AI.2429004610 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Crypminal.m!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.b6c52e39b645a67f
McAfee: Trojan-FTWY!B6C52E39B645
Zillya: Backdoor.Crypminal.Win32.27
K7AntiVirus: Trojan ( 0057da381 )
Alibaba: Backdoor:Win32/Crypminal.54e88911
K7GW: Trojan ( 0057da381 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.EPMC
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Backdoor.Win32.Crypminal.gen
BitDefender: Gen:Variant.Jacard.229908
MicroWorld-eScan: Gen:Variant.Jacard.229908
Avast: Win32:RATX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11c9fc5a
Ad-Aware: Gen:Variant.Jacard.229908
Emsisoft: Gen:Variant.Jacard.229908 (B)
TrendMicro: TROJ_GEN.R002C0PKQ21
McAfee-GW-Edition: Trojan-FTWY!B6C52E39B645
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Jacard.229908
Jiangmin: Backdoor.Crypminal.ap
Avira: TR/AD.Bandok.dwjxm
Antiy-AVL: Trojan/Generic.ASMalwS.345425C
Gridinsoft: Ransom.Win32.Gen.sa
Arcabit: Trojan.Jacard.D38214
Microsoft: Trojan:Win32/Fareit!ml
AhnLab-V3: Trojan/Win.EF.C4525918
BitDefenderTheta: Gen:NN.ZelphiF.34062.AL0@aCX0oMoi
ALYac: Gen:Variant.Jacard.229908
MAX: malware (ai score=86)
VBA32: BScope.Backdoor.Crypminal
Malwarebytes: Malware.AI.2429004610
TrendMicro-HouseCall: TROJ_GEN.R002C0PKQ21
Rising: Trojan.Generic@ML.80 (RDML:Kz8YTPeXH0XojzXdRyc0Hw)
Yandex: Trojan.Injector!R2nAbkyQETk
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.EPMC!tr
AVG: Win32:RATX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.2429004610?

Malware.AI.2429004610 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.