About “Malware.AI.2909737726” infection

The Malware.AI.2909737726 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2909737726 virus do?

  • Executed a command line with the /C or /R argument, which terminates the command shell on completion and can be used to hide execution
  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Attempts to identify installed analysis tools by a known file location
  • Creates a copy of itself
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.2909737726?

File Info:

name: EBC6B45BC114EB2D92A7.mlw
path: /opt/CAPEv2/storage/binaries/f4ef0dc8f2b3491123576ee073288d1ed36e120643c8885f2439cc9bb2a8718f
crc32: 00936305
md5: ebc6b45bc114eb2d92a7a6bd4f3f6021
sha1: 08b35451e0911d43ea2893b52948cf4896fdc0ce
sha256: f4ef0dc8f2b3491123576ee073288d1ed36e120643c8885f2439cc9bb2a8718f
sha512: 5359830ef138f72d15d6b01d93a3e1ed04432c0a4f9fcae1f6d2f35b9bc271c7052628e1d360321adff4a2f1d9a704ef957c4b46681e47378546e8a5641ad891
ssdeep: 6144:Lzhfghyjk1mXIJa7M9OPwRCT0l2HTIbefWRfghyjk1mXIJa7M9OPwRCT0l2HTIbe:Lzhfghyjk1mXIJa7M9OPwRCT0l2HTIbT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A824A51137F85814F2FE96B78E7342644333FAD25D32CB0E2ACC929A4B726819D56772
sha3_384: 9d7d1418512ad8fe1aa0d5581fa04e1712f433ef9c6e21f807e17cd231279f1d7f5edee8aecbc83591d8069222453bcc
ep_bytes: ff250020400000000000000000000000
timestamp: 2011-10-09 23:25:41

Version Info:

Translation: 0x0000 0x04b0
Comments: dxdiag
CompanyName: Microsoft
FileDescription: dxdiag
FileVersion: 1.2.1.0
InternalName: dxdiag.exe
LegalCopyright:
OriginalFilename: dxdiag.exe
ProductName: dxdiag
ProductVersion: 1.2.1.0
Assembly Version: 1.2.1.0

Malware.AI.2909737726 also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Jorik.4!c
MicroWorld-eScan: IL:Trojan.MSILMamut.10328
ClamAV: Win.Worm.Autorun-447
FireEye: Generic.mg.ebc6b45bc114eb2d
Skyhigh: RDN/Generic.dx
McAfee: RDN/Generic.dx
Cylance: unsafe
Zillya: Trojan.Jorik.Win32.21875
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: IL:Trojan.MSILMamut.D2858
BitDefenderTheta: Gen:NN.ZemsilF.36744.nm0@amXiUid
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Agent.GX
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: IL:Trojan.MSILMamut.10328
NANO-Antivirus: Trojan.Win32.Jorik.fotic
Avast: MSIL:Agent-ADB [Trj]
Tencent: Win32.Trojan.Generic.Mcnw
Emsisoft: IL:Trojan.MSILMamut.10328 (B)
F-Secure: Backdoor.BDS/Backdoor.Gen
DrWeb: Trojan.DownLoader5.3343
VIPRE: IL:Trojan.MSILMamut.10328
Sophos: Mal/MSIL-W
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Jorik.rxh
Webroot: W32.Malware.Gen
Google: Detected
Avira: BDS/Backdoor.Gen
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.AGeneric
Xcitium: Malware@#2y9ci604jfwjc
Microsoft: Backdoor:MSIL/Aataki.A
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: IL:Trojan.MSILMamut.10328
AhnLab-V3: Trojan/Win32.Genome.C114820
ALYac: IL:Trojan.MSILMamut.10328
Malwarebytes: Malware.AI.2909737726
Panda: Generic Malware
Rising: Backdoor.Aataki!8.2BF (CLOUD)
Ikarus: Trojan-PWS.MSIL
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/AntiVM.V!tr
AVG: MSIL:Agent-ADB [Trj]
Cybereason: malicious.1e0911
DeepInstinct: MALICIOUS

How to remove Malware.AI.2909737726?

Malware.AI.2909737726 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.