
About “Malware.AI.2778948802” infection

Malware Removal

Malware.AI.2778948802 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2778948802 virus do?

  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.2778948802?

File Info:

name: 1D2FC55F423C87CFA664.mlw
path: /opt/CAPEv2/storage/binaries/4e3335a8fd4e1c6edc1d7174d4ee55f8603edd015d7a316fb752bf6819ef752c
crc32: EACE828F
md5: 1d2fc55f423c87cfa664843aeddfeea9
sha1: 825b97465d6e1522e75d75ff03e6d6c24fc4e126
sha256: 4e3335a8fd4e1c6edc1d7174d4ee55f8603edd015d7a316fb752bf6819ef752c
sha512: b6f03ec631a9edc1f20e3eb83551431617d99bc21dd04dae3373a4a856e00278d1911fb2b4c38ed956fd38fc97fc379c1b41ba5f81323561c7d1beb7d77e7775
ssdeep: 24576:ll6upCb27eMLBeSNDsVN3FJSFTOyQUiqQ7C0r1+0heR+O5j0:bASKVxSFTW7Ci/O5j0
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1C5755B037285403BD0B21F7A4D2796E05D3F79202E559E9BAEF85ECC0EF9A405C36A5B
sha3_384: d7c0f4db692f37f92dcd2620b6ed3ad8425237acd6ac46e1bf9e2197c24c6994f777b0c9baa41831461f1e67a9793692
ep_bytes: 8bec83c4f0a1fc9b5400c60001b828e1
timestamp: 2022-09-24 07:07:54

Version Info:

CompanyName: 杭州核新软件技术有限公司(Hexin)
FileDescription: 第三方委托程序
FileVersion: 2021, 8, 30, 1
InternalName: E34
LegalCopyright: 杭州核新同花顺网络有限公司 版权所有 (C) 2011
OriginalFilename: WeiTuoNew.exe
ProductName: 第三方委托程序
ProductVersion: 1, 1, 4, 12
Translation: 0x0804 0x04b0

Malware.AI.2778948802 is also known as (vendor: detection name):

MicroWorld-eScan: Gen:Variant.Jaik.98179
FireEye: Gen:Variant.Jaik.98179
ALYac: Gen:Variant.Jaik.98179
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (W)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/QQWare.DM
APEX: Malicious
BitDefender: Gen:Variant.Jaik.98179
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Jaik.98179
Emsisoft: Gen:Variant.Jaik.98179 (B)
VIPRE: Gen:Variant.Jaik.98179
McAfee-GW-Edition: BehavesLike.Win32.BadFile.th
Trapmine: suspicious.low.ml.score
Ikarus: Trojan.Win32.QQWare
GData: Gen:Variant.Jaik.98179
Google: Detected
Antiy-AVL: Trojan/Generic.ASMalwS.52D4
Arcabit: Trojan.Jaik.D17F83
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.Generic.R505533
McAfee: Artemis!1D2FC55F423C
MAX: malware (ai score=86)
VBA32: TScope.Trojan.Delf
Malwarebytes: Malware.AI.2778948802
Rising: Stealer.QQPass!1.DE10 (CLASSIC)
AVG: Win32:Trojan-gen
Cybereason: malicious.65d6e1

How to remove Malware.AI.2778948802?

Malware.AI.2778948802 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” to quarantine all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
