How to remove “Malware.AI.2948887370”?

Malware.AI.2948887370 is the Malwarebytes detection name for a sample that most antivirus engines flag as malicious (see the alias list below). While the infection is active you may notice unfamiliar processes in Task Manager. In that case, scan the computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can Malware.AI.2948887370 do?

The following are dynamic-analysis (sandbox) signatures the sample triggered when it was run. The shadow-copy deletion and autorun persistence are consistent with the file-encrypting ransomware family names most engines assign to it in the alias list below.

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to delete volume shadow copies
  • A system process is generating network traffic likely as a result of process injection
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Creates a copy of itself
  • Harvests information related to installed mail clients
  • Uses suspicious command line tools or Windows utilities
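Several of the behaviours above (shadow-copy deletion, autorun persistence, use of Windows utilities from a suspicious parent) are visible in ordinary process-creation telemetry. As an added example that is not from this page or from GridinSoft, the following Python triages constructed Sysmon-style events for those three behaviours. The events, paths, command lines and patterns are assumptions made up for the demo, not data captured from this sample.

```python
import re

# Constructed process-creation events in the shape of a Sysmon Event ID 1 export.
# Paths and command lines are assumptions made up for this example, not from the sample.
SAMPLE_EVENTS = [
    {"parent": r"C:\Users\bob\AppData\Local\Temp\base.exe",
     "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin.exe delete shadows /all /quiet"},
    {"parent": r"C:\Users\bob\AppData\Local\Temp\base.exe",
     "image": r"C:\Windows\System32\reg.exe",
     "cmdline": r"reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run "
                r"/v base /t REG_SZ /d C:\Users\bob\AppData\Roaming\base.exe"},
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": "notepad.exe notes.txt"},
    {"parent": r"C:\Users\bob\AppData\Local\Temp\base.exe",
     "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "cmdline": "wmic shadowcopy delete"},
]

# Each rule maps one behaviour from the list above to a command-line pattern.
RULES = [
    ("shadow_copy_deletion",
     re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows|wmic(\.exe)?\s+shadowcopy\s+delete", re.I)),
    ("autorun_persistence",
     re.compile(r"\\CurrentVersion\\Run(Once)?\b", re.I)),
    ("suspicious_utility",
     re.compile(r"\b(bcdedit|wbadmin|schtasks|reg)(\.exe)?\b", re.I)),
]

# A parent executing from the user's Temp directory is a weak supporting signal.
TEMP_PARENT = re.compile(r"\\AppData\\Local\\Temp\\", re.I)


def triage(events):
    """Return (event index, image path, [tags]) for every event that matches a rule.

    Tags come out in RULES order; 'parent_in_temp' is appended only when a rule
    already fired, so benign programs launched from Temp are not reported on their own.
    """
    hits = []
    for i, ev in enumerate(events):
        tags = [name for name, pat in RULES if pat.search(ev["cmdline"])]
        if tags and TEMP_PARENT.search(ev["parent"]):
            tags.append("parent_in_temp")
        if tags:
            hits.append((i, ev["image"], tags))
    return hits


def severity(hits):
    """Crude escalation: shadow-copy deletion alone means treat the host as a
    ransomware incident; persistence plus a suspicious utility is 'high'."""
    tags = {t for _, _, ts in hits for t in ts}
    if "shadow_copy_deletion" in tags:
        return "critical"
    if "autorun_persistence" in tags and "suspicious_utility" in tags:
        return "high"
    return "low" if tags else "none"


if __name__ == "__main__":
    found = triage(SAMPLE_EVENTS)
    for idx, image, tags in found:
        print(f"event {idx}: {image} -> {', '.join(tags)}")
    print("severity:", severity(found))
```

On the constructed input the vssadmin and wmic events are tagged as shadow-copy deletion, the reg.exe event as autorun persistence, and the notepad event is ignored; the overall severity is critical because shadow-copy deletion is the step ransomware takes right before encrypting.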

Related domains:

awesomedomain.ru

How to identify Malware.AI.2948887370?

File Info:

crc32: 2B78DD76
md5: 4256b43110d9bd870360824242288aab
name: 4256B43110D9BD870360824242288AAB.mlw
sha1: f5dcd7336d2a0937a6c1f23435c8e269876e5dc2
sha256: 4f88a871f82645d38ce3d028913c1506d036cb27626e15bbb7881aa13109267c
sha512: ee4cde3e468a6d442a904c2e726178de64f62ba115caa0648847da3acca183e9137fcd231f86681c85358a35c49fc04ce2ea2e10cf64ee337f5493c693a0e0b5
ssdeep: 6144:gNtZl72E9wdysxzdQmTU+1XBeOwayaUN4G7ZrzHBW2nZDu4c7AhufWmknrMMJpuc:KZl72gmToQe4XaUXMn638LGzeShg
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
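The hashes above are how you confirm that a file you have found is this sample. As an added example that is not from this page or from GridinSoft, the following Python parses the File Info block verbatim into an IOC set, computes the same digests for a candidate file, and only reports a positive identification on a SHA-256 or SHA-512 match. The file path passed to check_file is a placeholder; ssdeep is skipped because it needs a third-party library and is a similarity hash rather than an identifier.

```python
import hashlib
import zlib

# The File Info block from this page, copied verbatim so the parser runs on real input.
FILE_INFO = """\
crc32: 2B78DD76
md5: 4256b43110d9bd870360824242288aab
name: 4256B43110D9BD870360824242288AAB.mlw
sha1: f5dcd7336d2a0937a6c1f23435c8e269876e5dc2
sha256: 4f88a871f82645d38ce3d028913c1506d036cb27626e15bbb7881aa13109267c
sha512: ee4cde3e468a6d442a904c2e726178de64f62ba115caa0648847da3acca183e9137fcd231f86681c85358a35c49fc04ce2ea2e10cf64ee337f5493c693a0e0b5
ssdeep: 6144:gNtZl72E9wdysxzdQmTU+1XBeOwayaUN4G7ZrzHBW2nZDu4c7AhufWmknrMMJpuc:KZl72gmToQe4XaUXMn638LGzeShg
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
"""

HASH_KEYS = ("crc32", "md5", "sha1", "sha256", "sha512")
STRONG_KEYS = ("sha256", "sha512")


def parse_file_info(text):
    """Parse 'key: value' lines into a dict. Hash values are lower-cased so they
    compare equal to hexdigest() output however the page capitalised them.
    Only the first colon splits, so the ssdeep value keeps its internal colons."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip()
        info[key] = value.lower() if key in HASH_KEYS else value
    return info


def digests(data):
    """Compute the five digests the page lists for a byte string."""
    return {
        "crc32": f"{zlib.crc32(data):08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def match_iocs(data, iocs):
    """Names of the digests under which `data` equals the IOC set, in HASH_KEYS order."""
    mine = digests(data)
    return [k for k in HASH_KEYS if k in iocs and iocs[k] == mine[k]]


def is_known_sample(data, iocs):
    """True only on a SHA-256 or SHA-512 match. CRC32 is trivially collidable and
    MD5 collisions are practical, so those alone must not confirm identity."""
    return any(k in STRONG_KEYS for k in match_iocs(data, iocs))


def check_file(path, iocs):
    """Hash a file on disk and report which IOCs it matched."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"matched": match_iocs(data, iocs), "known_sample": is_known_sample(data, iocs)}


if __name__ == "__main__":
    import sys
    iocs = parse_file_info(FILE_INFO)
    for path in sys.argv[1:]:  # placeholder: paths of files to check
        print(path, check_file(path, iocs))
```

Run it as `python check.py suspicious.exe`; a result with `known_sample: True` means the file is byte-for-byte this sample. A repacked or trivially modified copy will not match any of these hashes, which is why a behaviour-based check like the one above is still needed.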

Version Info (the PE version resource is set by whoever built the binary; the 2004 "Wireless Monitor" metadata below is not evidence of a legitimate publisher):

LegalCopyright: Copyright (C) 2004
InternalName: base
FileVersion: 1.0.1.15
CompanyName:
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: Wireless Monitor
ProductDate: Sep 23 2004
SpecialBuild:
ProductVersion: 1.0.1.15
FileDescription: WLAN Monitor MFC Application
OriginalFilename: base.EXE
Translation: 0x0409 0x04b0

Malware.AI.2948887370 also known as (vendor: detection name):

Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.842
CAT-QuickHeal: Worm.Gamarue.WR5
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Androm.4!c
K7AntiVirus: Trojan ( 0055e3ef1 )
K7GW: Trojan ( 0055e3ef1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.34590.zq0@aWrsIsfi
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Ransom-9029
Alibaba: Ransom:Win32/Teerac.2408883a
NANO-Antivirus: Trojan.Win32.Crypren.dklwhz
Tencent: Malware.Win32.Gencirc.10b9ed7a
Sophos: Mal/Generic-R + Troj/Ransom-AOU
Comodo: Malware@#8drxqyvbxhm4
Baidu: Win32.Trojan.Kryptik.mu
Zillya: Trojan.Rack.Win32.12
TrendMicro: TROJ_CRILOCK.JBN
McAfee-GW-Edition: Generic.dgc
Emsisoft: Gen:Variant.Mikey.68285 (B)
Ikarus: Trojan-Ransom.Rack
Jiangmin: Trojan/Agent.hyao
Webroot: W32.Infostealer.Zeus
Avira: HEUR/AGEN.1140128
Antiy-AVL: Trojan[Ransom]/Win32.Rack
Arcabit: Trojan.Mikey.D10ABD
ZoneAlarm: Backdoor.Win32.Androm.day
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.ZBot.R131772
TACHYON: Trojan/W32.Rack.416768
Malwarebytes: Malware.AI.2948887370
Panda: Trj/RansomCrypt.A
Zoner: Trojan.Win32.30763
ESET-NOD32: Win32/Filecoder.TorrentLocker.A
TrendMicro-HouseCall: TROJ_CRYPTED.SMB
Rising: Backdoor.Win32.Androm.nd (CLOUD)
Yandex: Trojan.Rack!Py0Iv8cONhA
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Generic.AP.410190
AVG: Win32:Trojan-gen
Cybereason: malicious.110d9b
Paloalto: generic.ml

Many of these names are generic or machine-learning verdicts, but the family-specific ones (Filecoder.TorrentLocker, Teerac, Crilock, Rack, Encoder, RansomCrypt) agree on file-encrypting ransomware, while a minority (Androm, Gamarue, ZBot) name loader or banking-trojan families. Treat the ransomware classification as the working assumption when responding.

How to remove Malware.AI.2948887370?

Malware.AI.2948887370 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options, then click “Reset”.
  • Restart your computer.

Because most engines classify this sample as file-encrypting ransomware, removing the executable stops further damage but does not recover files it has already encrypted; restore those from an offline backup. The sample also attempts to delete volume shadow copies, so the Windows “Previous Versions” feature is unlikely to help.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
