How to remove “Malware.AI.2660497437”?

Malware.AI.2660497437 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2660497437 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Deletes its original binary from disk
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
ocsp.digicert.com
asmoinhol.com

How to identify Malware.AI.2660497437?


File Info:

crc32: 15F522F4
md5: cfb74ebe18a5a7a7e90f0ffd850b5870
name: CFB74EBE18A5A7A7E90F0FFD850B5870.mlw
sha1: 45c070278ab12b757009469b90e02d9a13bb1f41
sha256: 6b5f4fe54006fd7188e06c7bd1f3c73009df284c73ea6d84669e8ebf9b27edd5
sha512: 15fb989dafd4ba5a4ae7fc32355329c014537473d940ea5ce1de740cb60eb36ca61886fbc3bbc4029d1a5d6f9256fbae3f1c4fe6e80b2ba84a96b685fcaeaa58
ssdeep: 3072:J0EjJoIG46Ol87ULQeaLVn7qnt1x80yh4HYjlzIfd2yP4hG0yqS5rcEs:JVnG4CUCV7qnB0Nj+lMhG0Q5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2010 EA Digital Illusions CE AB. All rights reserved.
InternalName: MoHUpdator.exe
FileVersion: 4.0.21.0
CompanyName: EA Digital Illusions CE AB
ProductName: Medal of Honor Updator
ProductVersion: 4.0.21.0
FileDescription: Medal of Honor Updator
OriginalFilename: MoHUpdator.exe
Translation: 0x0409 0x04e4

Malware.AI.2660497437 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0040fa961 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Tdss.4685
MicroWorld-eScan: Trojan.Ransom.Petya.Gen.1
Cylance: Unsafe
Zillya: Backdoor.TDSS.Win32.8761
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:Win32/Olmarik.bedb9221
K7GW: RootKit ( 004e447f1 )
Cybereason: malicious.e18a5a
Cyren: W32/FakeAlert.PF.gen!Eldorado
Symantec: Backdoor.Tidserv
ESET-NOD32: a variant of Win32/Olmarik.ASG
Zoner: Trojan.Win32.32305
APEX: Malicious
Avast: Win32:Olmarik-C [Trj]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.Petya.Gen.1
NANO-Antivirus: Trojan.Win32.MLW.drkon
ViRobot: Trojan.Win32.Petya.175616
Tencent: Win32.Trojan.Generic.Tdfr
Ad-Aware: Trojan.Ransom.Petya.Gen.1
Sophos: ML/PE-A + Mal/Mohupdtr-A
Comodo: TrojWare.Win32.Olmarik.AME@4hv6c3
BitDefenderTheta: AI:Packer.CA65C6D620
VIPRE: Trojan.Win32.Alureon.ecb (v)
TrendMicro: TROJ_FAKEAV.SMRB
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.cfb74ebe18a5a7a7
Emsisoft: Trojan.Ransom.Petya.Gen.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.eegu
Webroot: W32.Trojan.Gen
Avira: TR/TDSS.Gen2
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Alureon.gen!M
Arcabit: Trojan.Ransom.Petya.Gen.1
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.Ransom.Petya.Gen.1
AhnLab-V3: Trojan/Win32.Tdss.R3143
Acronis: suspicious
McAfee: DNSChanger.fm
MAX: malware (ai score=100)
VBA32: Trojan.EA.01226
Malwarebytes: Malware.AI.2660497437
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_FAKEAV.SMRB
Rising: Trojan.Alureon!1.669C (CLOUD)
Yandex: Trojan.GenAsa!TXjuWi9tIPo
Ikarus: Trojan.Win32.Alureon
Fortinet: W32/TDSS.GK!tr
AVG: Win32:Olmarik-C [Trj]
Paloalto: generic.ml

How to remove Malware.AI.2660497437?

Malware.AI.2660497437 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.