Malware.AI.2920339521 malicious file

Malware.AI.2920339521 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2920339521 virus do?

  • Presents an Authenticode digital signature
  • Loads a driver
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs

How to identify Malware.AI.2920339521?


File Info:

crc32: A86B141C
md5: 637d81126bf3c68080570c3ce97e3358
name: 637D81126BF3C68080570C3CE97E3358.mlw
sha1: 9e32a572274614bcbd132df6ade84a31a976db1d
sha256: f3f971c4d18007e7c7996af9a30b651c06d6914f6817c2f5900613b836cc8747
sha512: a827aac41a6b208203fcd4276801bbfebc1aa32a8b52a450b2f97e4afebefe42f9a255f916057ec350abef447abdc8cfd00b1305b3c3aabd00de0233d85ab168
ssdeep: 24576:XDmtBPsTUf4itp/AHCbMorG3aJA5Oqe4cW72UG:XCMTqmiwGVMc8jG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Malware.AI.2920339521 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 00577e711 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader33.20297
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Zusy.360116
Cylance: Unsafe
Zillya: Trojan.Rovnix.Win32.1089
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (W)
Alibaba: Trojan:Win32/Rovnix.380b82dc
K7GW: Trojan ( 00577e711 )
Cybereason: malicious.26bf3c
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Rovnix.AT
APEX: Malicious
Avast: Win32:Rovnix-K [Rtk]
Kaspersky: HEUR:Trojan.Win32.Agent.vho
BitDefender: Gen:Variant.Zusy.360116
NANO-Antivirus: Trojan.Win32.Rovnix.homlna
MicroWorld-eScan: Gen:Variant.Zusy.360116
Tencent: Malware.Win32.Gencirc.10ce3e7c
Ad-Aware: Gen:Variant.Zusy.360116
Sophos: ML/PE-A + Troj/AutoG-LW
BitDefenderTheta: AI:Packer.7B87EF9C20
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.637d81126bf3c680
Emsisoft: Trojan.Rovnix (A)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Agent.cwiu
Avira: HEUR/AGEN.1136223
Microsoft: Trojan:Win32/Wacatac.B!ml
Gridinsoft: Trojan.Win32.Agent.oa!s1
Arcabit: Trojan.Zusy.D57EB4
GData: Gen:Variant.Zusy.360116
AhnLab-V3: Malware/Win32.Generic.C2534047
McAfee: GenericRXAA-AA!637D81126BF3
MAX: malware (ai score=87)
VBA32: BScope.Trojan.Agent
Malwarebytes: Malware.AI.2920339521
Rising: Rootkit.Agent!1.BF1F (CLOUD)
Ikarus: Trojan.Win32.Rovnix
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic.AP.171C2F2!tr
AVG: Win32:Rovnix-K [Rtk]
Paloalto: generic.ml

How to remove Malware.AI.2920339521?

Malware.AI.2920339521 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
