What is "Malware.AI.2465324104"?

The Malware.AI.2465324104 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.2465324104 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Drops a binary and executes it
Unconventionial language used in binary resources: Russian
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Executed a process and injected code into it, probably while unpacking
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Malware.AI.2465324104?


File Info:
crc32: DFC7C076
md5: 59a84eb534e69e9530f216b22469c3fb
name: 59A84EB534E69E9530F216B22469C3FB.mlw
sha1: f41e4966f7d0150d95dceba733050a383953d58d
sha256: dda7f60da79285e3730bc927c7499c51a7cdf6d8b96bdd67155634b52d320f29
sha512: 900f963f6095b6203ac42b2af2c705879599103a8dddd37948a08b96f41e86e83f250ae94017e02ca94d2a35935bee0dc233472eb6ec4230521df25c4a4df7e5
ssdeep: 3072:5LFRQGCIIm1xz5GWp1icKAArDZz4N9GhbkrNEk68GGLnw3:dQGCIImhp0yN90QEL
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: Wextract                
FileVersion: 11.00.9600.16428 (winblue_gdr.131013-1700)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 11.00.9600.16428
FileDescription: Win32 Cabinet Self-Extractor                                           
OriginalFilename: WEXTRACT.EXE            .MUI
Translation: 0x0409 0x04b0

Malware.AI.2465324104 also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.VbCrypt.1509
MicroWorld-eScan	Trojan.GenericKD.5619058
FireEye	Trojan.GenericKD.5619058
CAT-QuickHeal	Trojan.Dynamer.MF.104
ALYac	Trojan.GenericKD.5619058
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan ( 0050c7ef1 )
BitDefender	Trojan.GenericKD.5619058
K7GW	Trojan ( 0050c7ef1 )
Cybereason	malicious.534e69
Cyren	W32/VB.MUYI-3710
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Malware.Jaiko-9780438-0
Kaspersky	Trojan.Win32.Mucc.aah
NANO-Antivirus	Trojan.Win32.Agent.eogmcz
Rising	Trojan.Injector!8.C4 (CLOUD)
Ad-Aware	Trojan.GenericKD.5619058
Sophos	Mal/Generic-S
Comodo	Malware@#1rd6zj9itgcg1
F-Secure	Heuristic.HEUR/AGEN.1127017
TrendMicro	TROJ_DROPPER.XXTWH
McAfee-GW-Edition	RDN/Generic.hbg
Emsisoft	Trojan.GenericKD.5619058 (B)
SentinelOne	Static AI – Suspicious SFX
GData	Trojan.GenericKD.5619058
Avira	HEUR/AGEN.1127017
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Win32.SGeneric
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Arcabit	Trojan.Generic.D55BD72
ZoneAlarm	Trojan.Win32.Mucc.aah
Microsoft	Trojan:Win32/Dynamer!ac
Cynet	Malicious (score: 85)
McAfee	Artemis!59A84EB534E6
Malwarebytes	Malware.AI.2465324104
Panda	Trj/CI.A
ESET-NOD32	Win32/Injector.DOGM
TrendMicro-HouseCall	TROJ_DROPPER.XXTWH
Tencent	Malware.Win32.Gencirc.11492a56
Yandex	Trojan.GenAsa!JgUuGcZrvuI
Ikarus	Trojan.Win32.Injector
eGambit	Generic.Malware
Fortinet	W32/Injector.DOGM!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.d20

How to remove Malware.AI.2465324104?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Malware.AI.2465324104”?