
Malware.AI.2522024961 removal instruction


Malware.AI.2522024961 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What Malware.AI.2522024961 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to determine Malware.AI.2522024961?
File Info:

name: 972BC3D7B9DBBA9D7BD0.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1970-01-01 15:50:05

Version Info:

CompanyName: McAfee, LLC.
FileDescription: McAfee Safe Connect
FileVersion: 2.13
InternalName: setup
LegalCopyright: Copyright (c) McAfee, LLC.. All rights reserved.
OriginalFilename: McAfeeSafeConnect.exe
ProductName: McAfee Safe Connect
ProductVersion: 2.13
Translation: 0x0409 0x04e4

Malware.AI.2522024961 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Patched.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader44.35170
MicroWorld-eScan: Gen:Variant.Fugrafa.2379
FireEye: Generic.mg.972bc3d7b9dbba9d
ALYac: Gen:Variant.Fugrafa.2379
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 00573e531 )
Alibaba: TrojanDownloader:Win32/ZeroDloader.8cb68c29
K7GW: Trojan-Downloader ( 00573e531 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.34606.eD3@aC12H@hi
Cyren: W32/ZeroDloader.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.EQH
TrendMicro-HouseCall: TROJ_GEN.R011C0WD322
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Patched.rw
BitDefender: Gen:Variant.Fugrafa.2379
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: FileRepMalware [Misc]
Tencent: Virus.Win32.Patched.kh
Ad-Aware: Gen:Variant.Fugrafa.2379
Emsisoft: Gen:Variant.Fugrafa.2379 (B)
TrendMicro: TROJ_GEN.R011C0WD322
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Agent
Jiangmin: TrojanDownloader.Generic.beop
Avira: W32/Infector.Gen
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.353D728
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Trojan.PSE.14KG5FD
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R282625
Acronis: suspicious
McAfee: Artemis!972BC3D7B9DB
TACHYON: Worm/W32.ZeroDownloader
VBA32: BScope.TrojanBanker.CliptoShuffler
Malwarebytes: Malware.AI.2522024961
APEX: Malicious
Rising: Downloader.Generic!8.141 (CLOUD)
Fortinet: W32/Agent.EQH!tr
AVG: FileRepMalware [Misc]
Cybereason: malicious.7b9dbb

How to remove Malware.AI.2522024961?

Malware.AI.2522024961 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
