How to remove “Malware.AI.2579481269”?

Malware.AI.2579481269 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What Malware.AI.2579481269 virus can do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • Looks up the external IP address
  • Authenticode signature is invalid
  • Sniffs keystrokes

Related domains:

checkip.dyndns.org

How to determine Malware.AI.2579481269?

File Info:

name: DE806573EE456F00B29C.mlw
path: /opt/CAPEv2/storage/binaries/216313e0ec4b088bab66a0469d2159fabb653a1671c9e94fb37941443c1720b0
crc32: DC10B9B8
md5: de806573ee456f00b29c9e7540000ff5
sha1: 44afb7b146c261159b6926d101eb2d9efc8f27d6
sha256: 216313e0ec4b088bab66a0469d2159fabb653a1671c9e94fb37941443c1720b0
sha512: 559845f111a27f52a7f03659308c16f7df33d52e3a06a77373c2e3f969a3bc790c95ec7172e52f2f1d9c2440811606b3bb41d92dd9770c7ef39e49116c491a78
ssdeep: 24576:LZgsHPLz72l6S3oBe6KpGw+/dMWSbLlJ+a+ESiDawBnSJOwxvoZulWV5rz0UOQu6:p7XuCl5GLP2wpSJOtV5r7dNTico5JTv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FDF55C12F384953EF4670A328837D964993F7B612917CC4E6BF4094C8E39A407A7E66F
sha3_384: cd67811bdad87c52adda3254021fe1b05e5573e304795cdafd29e80632ea0fea64e660d8ee4ab35248cf011d642633bb
ep_bytes: 558bec83c4f0b8dc206f00e870fed0ff
timestamp: 2018-03-07 20:25:21

Version Info:

FileDescription: Logon
FileVersion: 1.0.0.0
ProductName: Logon
ProductVersion: 1.0.0.0
ProgramID: com.embarcadero.Logon
Translation: 0x0409 0x04e4

Malware.AI.2579481269 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.de806573ee456f00
Cylance: Unsafe
Alibaba: TrojanSpy:Win32/Banker.d4e2cac5
Cybereason: malicious.146c26
BitDefenderTheta: Gen:NN.ZelphiF.34294.n30@aqE82qii
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Banker.AEAR
TrendMicro-HouseCall: TROJ_GEN.R002H0CKK21
Paloalto: generic.ml
Avast: Win32:Malware-gen
Comodo: Malware@#2874fcc303cpj
McAfee-GW-Edition: BehavesLike.Win32.PUPXAQ.wh
Sophos: Mal/Generic-S
Ikarus: Trojan.ATRAPS
Avira: TR/ATRAPS.Gen
Gridinsoft: Ransom.Win32.Wacatac.sa
Microsoft: Trojan:Win32/Tnega!ml
McAfee: Artemis!DE806573EE45
VBA32: TScope.Trojan.Delf
Malwarebytes: Malware.AI.2579481269
APEX: Malicious
Yandex: TrojanSpy.Banker!MVVG53UVeds
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Banker.AEAR!tr.spy
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A

How to remove Malware.AI.2579481269?

Malware.AI.2579481269 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.