How to remove “Malware.AI.2963964118”?

Malware.AI.2963964118 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2963964118 virus do?

  • At least one process apparently crashed during execution
  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Starts servers listening on 127.0.0.1:0
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Creates a hidden or system file

Related domains:

spark.lightburst.xyz

How to identify Malware.AI.2963964118?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Malware.AI.2963964118 also known as:

DrWeb: Trojan.MulDrop17.51687
Cynet: Malicious (score: 100)
ALYac: Dropped:Trojan.GenericKD.37118291
CrowdStrike: win/malicious_confidence_60% (W)
Cybereason: malicious.b28a78
Cyren: W32/Trojan.DVFH-5076
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SNM
Avast: Win32:DropperX-gen [Drp]
Kaspersky: HEUR:Trojan.Win32.Agent.gen
BitDefender: Dropped:Trojan.GenericKD.37118291
MicroWorld-eScan: Dropped:Trojan.GenericKD.37118291
Ad-Aware: Dropped:Trojan.GenericKD.37118291
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis
FireEye: Generic.mg.a90feb9b28a78465
Emsisoft: Dropped:Trojan.GenericKD.37118291 (B)
Avira: TR/AD.Injector.khogg
eGambit: PE.Heur.InvalidSig
Microsoft: Trojan:Win32/Glupteba!ml
GData: Win32.Application.iObit.B
AhnLab-V3: Trojan/Win.Generic.C4529195
McAfee: GenericRXOY-CG!A90FEB9B28A7
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.2963964118
Panda: Trj/Genetic.gen
Yandex: Trojan.DR.Agent!ilpNbpCLusg
Ikarus: Trojan-PSW.Discord
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Dloader.281!tr
AVG: Win32:DropperX-gen [Drp]

How to remove Malware.AI.2963964118?

Malware.AI.2963964118 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
