Malware.AI.2666986446 (file analysis)

The Malware.AI.2666986446 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2666986446 virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.2666986446?


File Info:
name: 9A17AD1053774EDA05AE.mlw
path: /opt/CAPEv2/storage/binaries/bdf196d3fb641695ad5c5300263915db80e232348be612adf7151c5cea0b8dcd
crc32: 955865A3
md5: 9a17ad1053774eda05ae0d6895087de4
sha1: 5f000e547ec52efbc0cef5a15c78f5d214c7206a
sha256: bdf196d3fb641695ad5c5300263915db80e232348be612adf7151c5cea0b8dcd
sha512: 08e6149eded1c31bc7ee3c5a37ff41e2426c47395e52fa24cf730587079fb3d269fa8d1ff673f2ea7e8f33457cd6d1d612b15bec629bc80f2a21d1c7815a5a1c
ssdeep: 1536:k56M8cUaZNReEssgrZwp3CezonRWCn/vvbvxP8R6Znv82QYIPNEldFzY4F5mmOS:n3axOBrsCeG3vbvxYOvSPNEldFzp5mjS
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1CAC35A1273C1D97AC8E711318EB2BB9AE3B7EA244C3847173314271D9F752866C6929F
sha3_384: 43708db3c2fb09f333523d1054180bdbd0ce5849dd55bfa86cffe3295bccad12c160589069aad49830a182c4ecacd557
ep_bytes: 558bec538b5d08568b750c85f6578b7d
timestamp: 2024-02-04 20:31:02

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Microsoft Sync Manager
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
InternalName: mobsync.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: mobsync.dll
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Translation: 0x0409 0x04b0

Malware.AI.2666986446 also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Loader.1907
MicroWorld-eScan	Gen:Variant.Zusy.539534
FireEye	Gen:Variant.Zusy.539534
Skyhigh	Artemis
ALYac	Gen:Variant.Zusy.539534
Cylance	unsafe
Sangfor	Trojan.Win32.Zusy.Vzhj
Symantec	ML.Attribute.HighConfidence
ClamAV	Win.Downloader.Zusy-10022934-0
Kaspersky	UDS:Trojan.Win32.Loader.gen
BitDefender	Gen:Variant.Zusy.539534
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.Zusy.539534 (B)
Google	Detected
VIPRE	Gen:Variant.Zusy.539534
Sophos	Generic Reputation PUA (PUA)
Ikarus	Trojan.SuspectCRC
GData	Gen:Variant.Zusy.539534
Jiangmin	Trojan.Loader.bk
Arcabit	Trojan.Zusy.D83B8E
ZoneAlarm	UDS:Trojan.Win32.Loader.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Trojan/Win.Generic.C5598171
McAfee	GenericRXAA-AA!9A17AD105377
MAX	malware (ai score=87)
Malwarebytes	Malware.AI.2666986446
Panda	Trj/Genetic.gen
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Zusy.539534!tr
AVG	Win32:TrojanX-gen [Trj]
alibabacloud	Trojan:Win/Zusy

How to remove Malware.AI.2666986446?

Malware.AI.2666986446 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X