
Malware.AI.2943200048 removal instruction


Malware.AI.2943200048 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2943200048 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Executed a sysinternals tool
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2943200048?


File Info:

name: 4B93AC6AF5F5596CC079.mlw
path: /opt/CAPEv2/storage/binaries/4cdd9b923421e5a467134f3cc9b50347832a62e1e7ee55f2a9eed66390209cee
crc32: F9D65AC3
md5: 4b93ac6af5f5596cc07993da8b4ea39b
sha1: f18f71920b26133b874c0353b76a89f7f43e195e
sha256: 4cdd9b923421e5a467134f3cc9b50347832a62e1e7ee55f2a9eed66390209cee
sha512: 183bc7ea41bfc08adf2a8df5ce6710e7a7a4273b37410785d43019d4cad721d213937b4773aaa5e245852fb3d45c8a25f13d222a8494550245af5917eb6f2411
ssdeep: 3072:sUUNyw7wl0Jy6ZD4q50pVV85bnVxPLNzlJN7iinXN6FbEiQImDTtWzehzJkoPC4:sUUNyb0JdZD4g0febV9znOnQDSYtkoN
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T135141286D3CC49EAEA84303105C3B5B0BA79ED7C59524B0FE7F8D81D59A2D25BF47221
sha3_384: b7a2fed1b30659a306d431f0195375ac9906f0f75bc52baa601fbc63b38cb098f30a36b0d05b8cf865b54f72c10ff506
ep_bytes: 60e803000000e9eb045d4555c3e80100
timestamp: 2012-11-10 23:52:57

Version Info:

CompanyName: Sysinternals
FileDescription: DebugView
FileVersion: 4.81
InternalName: Sysinternals Debug Output Viewer
LegalCopyright: Copyright © 1998-2012 Mark Russinovich
OriginalFilename: Dbgview.exe
ProductName: Sysinternals Debugview
ProductVersion: 4.81
Translation: 0x0409 0x04b0

Malware.AI.2943200048 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Trojan.Heur2.GZ.my0bb46NeYci
Skyhigh: BehavesLike.Win32.Ransomware.dc
McAfee: Artemis!4B93AC6AF5F5
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vjpz
CrowdStrike: win/malicious_confidence_60% (W)
BitDefender: Gen:Trojan.Heur2.GZ.my0bb46NeYci
Emsisoft: Gen:Trojan.Heur2.GZ.my0bb46NeYci (B)
VIPRE: Gen:Trojan.Heur2.GZ.my0bb46NeYci
Trapmine: malicious.moderate.ml.score
FireEye: Gen:Trojan.Heur2.GZ.my0bb46NeYci
Ikarus: Virus.Win32.Sality
GData: Gen:Trojan.Heur2.GZ.my0bb46NeYci
Antiy-AVL: Trojan/Win32.PossibleThreat
Kingsoft: malware.kb.a.999
Arcabit: Trojan.Heur2.GZ.my0bb46NeYci
Varist: W32/ABRisk.FWCO-1381
ALYac: Gen:Trojan.Heur2.GZ.my0bb46NeYci
MAX: malware (ai score=80)
Malwarebytes: Malware.AI.2943200048
TrendMicro-HouseCall: TROJ_GEN.R002H09GL23
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.214623615.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: AI:Packer.A5AEC6EA20
DeepInstinct: MALICIOUS

How to remove Malware.AI.2943200048?

Malware.AI.2943200048 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
