Malware.AI.2456622297 removal guide

The Malware.AI.2456622297 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2456622297 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Unconventionial language used in binary resources: Korean
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine Malware.AI.2456622297?


File Info:
name: DEB9935139E051F0F400.mlw
path: /opt/CAPEv2/storage/binaries/30f16cd2085ee16a1894eb5da6b30791fa2b26112e88060c397dc8504d94f8a4
crc32: 0276242B
md5: deb9935139e051f0f4002f927e870e3c
sha1: 5f819aec28136cc13dc19125e6b5da45f05f75ee
sha256: 30f16cd2085ee16a1894eb5da6b30791fa2b26112e88060c397dc8504d94f8a4
sha512: b0b6b3ce35d3e79802cfec51d68563b35ffcc12a9ed67a8d3e4d9a1301a2f314d4067d3abfaa0b886241d5788792e9b78ad8bcacc951b4d68dd5cc48c5dc3c5d
ssdeep: 192:VX3L2bX3RMOkc5kuCmF6Ku/qgMJJ9Vq128LDx:VLhOHCmIKkqgMhSJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T127321A0FDEAB8022DB9A84704B7B87568B797D513795393B37903E4E2D327C0C89A15E
sha3_384: 1de23feef3554c7689c98a71f023d4f16f120be6696d46599010d4df1a52666218396c233d1b764dec297f4ee9176130
ep_bytes: e878040000e936fdffff8bff558bec81
timestamp: 2022-01-03 00:53:31

Version Info:
FileVersion: 1, 0, 0, 1
ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0

Malware.AI.2456622297 also known as:

Lionic	Trojan.Win32.Witch.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen16.21430
FireEye	Generic.mg.deb9935139e051f0
McAfee	GenericRXRH-NU!DEB9935139E0
Cylance	Unsafe
K7AntiVirus	Trojan-Downloader ( 0058c41c1 )
Alibaba	TrojanDownloader:Win32/Witch.66579717
K7GW	Trojan-Downloader ( 0058c41c1 )
Cybereason	malicious.c28136
BitDefenderTheta	Gen:NN.ZexaCO.34114.aq0@aatsrUjO
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent.FZP
TrendMicro-HouseCall	Mal_DLDER
Kaspersky	HEUR:Trojan.Win32.Witch.gen
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan-downloader.Agent.Wvun
TrendMicro	Mal_DLDER
McAfee-GW-Edition	BehavesLike.Win32.Dropper.lm
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Win32.Trojan.PSE.IQGG6H
Jiangmin	Trojan.Witch.kr
Avira	TR/Dldr.Agent.tbmcb
ViRobot	Trojan.Win32.Z.Witch.11776.B
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Dlder.R462261
VBA32	suspected of Trojan.Downloader.gen
Malwarebytes	Malware.AI.2456622297
APEX	Malicious
Rising	Downloader.Agent!8.B23 (CLOUD)
Ikarus	Trojan-Downloader.Win32.Small
Fortinet	W32/Agent.FZP!tr
AVG	Win32:Trojan-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.2456622297?

Malware.AI.2456622297 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X