Malware.AI.2960791114 removal guide

Malware.AI.2960791114 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2960791114 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • CAPE detected the NetWire malware family
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2960791114?


File Info:

name: 0C61661A4856FA387103.mlw
path: /opt/CAPEv2/storage/binaries/c814746229db15ac710266823a2bddb7c40afbd2ae6c931c63146beb9e7442a3
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-06-18 18:26:36

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Panagias9
ProductName: Train10
FileVersion: 1.07.0008
ProductVersion: 1.07.0008
InternalName: cerniture
OriginalFilename: cerniture.exe

Malware.AI.2960791114 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Siggen2.16388
MicroWorld-eScan: Gen:Heur.PonyStealer.Mm0@gSqCbZji
ClamAV: Win.Packed.Vbkryjetor-7191357-0
FireEye: Generic.mg.0c61661a4856fa38
McAfee: Fareit-FOX!0C61661A4856
Malwarebytes: Malware.AI.2960791114
Zillya: Backdoor.NetWiredRC.Win32.1433
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Backdoor:Win32/NetWiredRC.c3c8379d
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZevbaF.36250.Mm0@aSqCbZji
VirIT: Trojan.Win32.VBZenPack_Heur
Cyren: W32/Agent.BAX.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.EFTU
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.PonyStealer.Mm0@gSqCbZji
NANO-Antivirus: Trojan.Win32.NetWiredRC.fqutfp
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.Czlw
Emsisoft: Gen:Heur.PonyStealer.Mm0@gSqCbZji (B)
F-Secure: Trojan.TR/AD.NetWiredRc.cyl
VIPRE: Gen:Heur.PonyStealer.Mm0@gSqCbZji
TrendMicro: Trojan.Win32.BAMAPANO.SM3.hp
McAfee-GW-Edition: BehavesLike.Win32.Fareit.jc
Trapmine: suspicious.low.ml.score
Sophos: Mal/FareitVB-X
GData: Gen:Heur.PonyStealer.Mm0@gSqCbZji
Jiangmin: Backdoor.NetWiredRC.aiv
Avira: TR/AD.NetWiredRc.cyl
Antiy-AVL: Trojan[Backdoor]/Win32.NetWiredRC
Xcitium: Malware@#247uduui67gaq
Arcabit: Trojan.PonyStealer.E0E8BC
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: VirTool:Win32/VBInject.AJH!bit
Google: Detected
AhnLab-V3: Win-Trojan/VBKrypt.RP09.X1977
VBA32: Backdoor.NetWiredRC
ALYac: Gen:Heur.PonyStealer.Mm0@gSqCbZji
Cylance: unsafe
Panda: Trj/RnkBend.A
TrendMicro-HouseCall: Trojan.Win32.BAMAPANO.SM3.hp
Rising: Backdoor.NetWiredRC!8.2AF (CLOUD)
Yandex: Trojan.GenAsa!oaEpSwlhXcE
Ikarus: Trojan.VB.Crypt
MaxSecure: Trojan.Malware.74350982.susgen
Fortinet: W32/Injector.EFXH!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Malware.AI.2960791114?

Malware.AI.2960791114 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.