Malware

Should I remove “Malware.AI.2721158400”?

Malware Removal

The Malware.AI.2721158400 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2721158400 virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2721158400?

File Info:

name: B2711BD941C193E36A45.mlw
path: /opt/CAPEv2/storage/binaries/958c98057e179e09fee32ce0fde3831b51e2e60086c3ccf190d9bd0727399fea
crc32: FD83AC13
md5: b2711bd941c193e36a4576265baeb764
sha1: b862d0d6ff885fd0a0c2c66a185277af2d619149
sha256: 958c98057e179e09fee32ce0fde3831b51e2e60086c3ccf190d9bd0727399fea
sha512: 46c6655f094b659e8263375d0934c225b5077e16b7fac444d31ab07738760c5787b81d1361674f57be97eae6d5cae86f93c919e4964e572a63cde4d9f571bbe4
ssdeep: 12288:kMr5y90FDfZkkwbY64ex4rru7z9eOIQq2VrJoAJYJ4QD4v4L:Fy8TZqcIx434cQq2h2za6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T137F41202BFD55072E0B12B701CFB07932E33BDA15E3986BB264529594DB3285B97933B
sha3_384: a462b9d2f2ba6be96a281435567a3b8e33b181b5dc5b0451cacd4a5e75c5c7aedfb7855f80e5c10f4dba3e1835d9764a
ep_bytes: e8f0060000e9000000006a5868b87240
timestamp: 2022-05-24 22:49:06

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Win32 Cabinet Self-Extractor
FileVersion: 11.00.17763.1 (WinBuild.160101.0800)
InternalName: Wextract
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: WEXTRACT.EXE .MUI
ProductName: Internet Explorer
ProductVersion: 11.00.17763.1
Translation: 0x0409 0x04b0

Malware.AI.2721158400 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Stealer.12!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Heur.Crifi.1
FireEye: Gen:Heur.Crifi.1
CAT-QuickHeal: TrojanPWS.RedLine.S30448724
McAfee: Artemis!B2711BD941C1
Malwarebytes: Malware.AI.2721158400
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0057994f1 )
Alibaba: TrojanSpy:Win32/Stealer.08eab27b
K7GW: Trojan ( 005aad751 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.Genus.SNN
Cyren: W32/Kryptik.JKR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
APEX: Malicious
ClamAV: Win.Packed.Lazy-9958163-0
Kaspersky: UDS:Trojan-Spy.Win32.Stealer.pef
BitDefender: Gen:Heur.Crifi.1
NANO-Antivirus: Trojan.Win32.Stealerc.jzaiem
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan-Spy.Stealer.Fkjl
Emsisoft: Gen:Heur.Crifi.1 (B)
F-Secure: Heuristic.HEUR/AGEN.1323756
DrWeb: Trojan.Siggen21.25551
VIPRE: Gen:Heur.Crifi.1
TrendMicro: TrojanSpy.Win32.REDLINE.YXDIEZ
McAfee-GW-Edition: BehavesLike.Win32.AgentTesla.bc
Trapmine: malicious.high.ml.score
Sophos: Troj/PlugX-EC
Ikarus: Trojan.Spy.Stealer
GData: Win32.Trojan.PSE.9NB6YG
Jiangmin: Trojan.Generic.ekdes
Google: Detected
Avira: TR/Agent_AGen.jzvqp
Antiy-AVL: Trojan[Downloader]/Win32.Amadey
Arcabit: Trojan.Crifi.1
ZoneAlarm: HEUR:Trojan-Spy.Win32.Stealer.pef
Microsoft: Trojan:MSIL/Disabler.EM!MTB
Cynet: Malicious (score: 99)
Acronis: suspicious
ALYac: Gen:Heur.Crifi.1
MAX: malware (ai score=81)
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: TrojanSpy.Win32.REDLINE.YXDIEZ
Rising: Downloader.Amadey!8.125AC (TFE:5:5THvZBcKOfP)
Yandex: Trojan.Agent!fukJJqaLiXg
SentinelOne: Static AI – Malicious SFX
Fortinet: W32/Kryptik.0A1A!tr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.6ff885
DeepInstinct: MALICIOUS

How to remove Malware.AI.2721158400?

Malware.AI.2721158400 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.