Categories: Malware

Malware.AI.2699678369 information

The Malware.AI.2699678369 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.2699678369 virus can do?

  • Attempts to connect to a dead IP:Port (14 unique times)
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Sniffs keystrokes
  • Network activity contains more than one unique useragent.
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

www.baidu.com
client.5054399.com
b.533y.com
web.4399.com
pic.my4399.com
ocsp.comodoca.com
ocsp.usertrust.com
ocsp.sectigo.com
webpic.my4399.com
s19.cnzz.com
z8.cnzz.com
c.cnzz.com
ocsp.digicert.com
statuse.digitalcertvalidation.com
cnzz.mmstat.com
pcookie.cnzz.com

How to determine Malware.AI.2699678369?



File Info:

crc32: 5EC034ACmd5: 6b320f14fce82d600f207d7bc6a46cbdname: 6B320F14FCE82D600F207D7BC6A46CBD.mlwsha1: c1ae79e3d74e90ed6dd7c8b8837e117e37ee29basha256: dbf1001a6502e4f5c8a6f0505683ad396462589f17f1e969b3a92d95843d829fsha512: 91d3bfb83f2e559b1497ed1c61a48cf93f1f1486bf42cdf9d4b12597cdd9d19b7647579ebc8b815fe7f189b86a49b87ebbbb6c473e7602472adcaae4be1d4fd4ssdeep: 12288:BPzTp6eXc5QHYWZc/OstA/I13YPLF41xolwQZN2ArmBQs:BPzTpE5QHYCVwCnLF41ilZZhiBQstype: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: x56dbx4e09x4e5dx4e5dx7f51x7edcx80a1x4efdx6709x9650x516cx53f8 x4fddx7559x6240x6709x6743x5229x3002InternalName: Cq69676.exeFileVersion: cqms-qpb3-zddlCompanyName: x56dbx4e09x4e5dx4e5dx7f51x7edcx80a1x4efdx6709x9650x516cx53f8ProductName: 4399x523ax79e6x79d8x53f2ProductVersion: cqms-qpb3-zddlFileDescription: 4399x523ax79e6x79d8x53f2OriginalFilename: Cq69676.exeTranslation: 0x0804 0x03a8

Malware.AI.2699678369 also known as:

K7AntiVirus Unwanted-Program ( 0054181a1 )
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_70% (W)
Alibaba Downloader:Win32/XPACK.07651d25
K7GW Unwanted-Program ( 0054181a1 )
Cybereason malicious.4fce82
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GameTool.FL potentially unsafe
APEX Malicious
Avast Win32:Malware-gen
Kaspersky not-a-virus:HEUR:Downloader.Win32.Generic
NANO-Antivirus Trojan.Win32.Razy.exalnl
Tencent Malware.Win32.Gencirc.10b7072e
Sophos Generic PUA MB (PUA)
BitDefenderTheta Gen:NN.ZexaF.34170.Ru1@aCaJ@Gnj
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition Generic-FAGI!6B320F14FCE8
FireEye Generic.mg.6b320f14fce82d60
SentinelOne Static AI – Malicious PE
Jiangmin Downloader.Generic.aqxp
Avira TR/Patched.Gen
Antiy-AVL Trojan/Generic.ASMalwS.245FC32
Microsoft Trojan:Win32/Wacatac.B!ml
AhnLab-V3 Malware/Win32.RL_Generic.R278330
McAfee Generic-FAGI!6B320F14FCE8
MAX malware (ai score=97)
VBA32 BScope.Trojan.Downloader
Malwarebytes Malware.AI.2699678369
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_GEN.R002C0PIT21
Rising Trojan.Generic@ML.100 (RDML:WmU5SoiLdsPDXIguGDq87A)
Yandex Trojan.GenAsa!IjnaRrMidfQ
Fortinet W32/PossibleThreat
AVG Win32:Malware-gen
Paloalto generic.ml

How to remove Malware.AI.2699678369?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: b.533y.comc.cnzz.comclient.5054399.comcnzz.mmstat.comCq69676.exeMalware.AI.2699678369ocsp.comodoca.comocsp.digicert.comocsp.sectigo.comocsp.usertrust.compcookie.cnzz.compic.my4399.coms19.cnzz.comstatuse.digitalcertvalidation.comweb.4399.comwebpic.my4399.comwww.baidu.comz8.cnzz.com
3 years ago

Recent Posts

VHO:RiskTool.Win32.ProcPatcher information

The VHO:RiskTool.Win32.ProcPatcher is considered dangerous by lots of security experts. When this infection is active,…

5 mins ago

Lazy.280688 removal guide

The Lazy.280688 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

Malware.AI.3454153382 information

The Malware.AI.3454153382 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Midie.100502 removal tips

The Midie.100502 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Malware.AI.3915743673 (file analysis)

The Malware.AI.3915743673 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Malware.AI.2034266737 removal

The Malware.AI.2034266737 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago