How to remove “Malware.AI.2764271228”?

Malware.AI.2764271228 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2764271228 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Deletes its original binary from disk
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Malware.AI.2764271228?


File Info:

crc32: 77548BF8
md5: 02abe71afc5325e4433eb8b7a83f0cbe
name: 02ABE71AFC5325E4433EB8B7A83F0CBE.mlw
sha1: 606c502fc908efe5c24ac8a9ca3115bde30906ae
sha256: c2e9dec0d8d4714e310b43496ab87d3e6721f0de540f38e530bd2e6ba4aee30d
sha512: 65988025eb596612bbb6efb38583535f13b8fa171a6194ffa31774d60e18552dd833e1b31b099b414b8c7d1d55ad5002a4b8017c7e108e415278565f3783cc23
ssdeep: 768:rOXqkWo7VszPZKag5q8ipcSljicGRtu6IAqQ8uNzqGjGYQp:CXqlo7VsjYqXrGj1qQPs/p
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) Microsoft Corp. 1981-1999
InternalName: host32
FileVersion: 5.00.2195.6612
CompanyName: Microsoft Corporation
ProductName: Microsoft(R) Windows (R) Operating System
ProductVersion: 5.00.2195.6612
FileDescription: Windows Host32
OriginalFilename: HOST32.COM
Translation: 0x0804 0x04b0

Malware.AI.2764271228 is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3991 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Skullboy
ClamAV: Win.Trojan.Inject-191
CAT-QuickHeal: Trojan.Inject
ALYac: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob
Cylance: Unsafe
Zillya: Trojan.Inject.Win32.10771
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: VirTool:Win32/DelfInject.043c1838
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.afc532
Cyren: W32/DelfInject.A.gen!Eldorado
Symantec: Backdoor.Trojan
ESET-NOD32: a variant of Win32/Injector.ZN
APEX: Malicious
Avast: Win32:Agent-LJG [Trj]
Cynet: Malicious (score: 100)
BitDefender: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob
NANO-Antivirus: Trojan.Win32.Inject.bxnwfh
ViRobot: Trojan.Win32.Inject.48128.B
MicroWorld-eScan: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob
Tencent: Malware.Win32.Gencirc.114b5138
Ad-Aware: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob
Sophos: ML/PE-A + Mal/Behav-132
Comodo: TrojWare.Win32.Spy.Banker.Gen@1qlojk
BitDefenderTheta: AI:Packer.D5F90E981C
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R005C0CEF21
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.pm
FireEye: Generic.mg.02abe71afc5325e4
Emsisoft: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Agent.tyb
Webroot: W32.Malware.Heur
Avira: BDS/Hupigon.Gen
Microsoft: VirTool:Win32/DelfInject.gen!X
Gridinsoft: Trojan.Win32.Downloader.oa!s1
GData: Gen:Trojan.ExplorerHijack.cG1@aiV7OKob
TACHYON: Trojan/W32.DP-Inject.48178
AhnLab-V3: Trojan/Win.Inject.R420677
Acronis: suspicious
McAfee: BackDoor-DOQ.gen.w
MAX: malware (ai score=80)
VBA32: Trojan.Win32.Buzus.az
Malwarebytes: Malware.AI.2764271228
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.R005C0CEF21
Rising: Stealer.OnLineGames!1.66E7 (CLOUD)
Yandex: Trojan.Inject!1xg/CKutGdk
Ikarus: Trojan-Downloader.Win32.Sinique
eGambit: Unsafe.AI_Score_92%
Fortinet: W32/Injector.fam!tr
AVG: Win32:Agent-LJG [Trj]
Paloalto: generic.ml

How to remove Malware.AI.2764271228?

Malware.AI.2764271228 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
