
Malware.AI.2977445798 removal instruction


Malware.AI.2977445798 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2977445798 virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Created a process from a suspicious location
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Malware.AI.2977445798?

File Info:

name: 527501864F0FEC233EC4.mlw
path: /opt/CAPEv2/storage/binaries/fe31f9f04529e00c72d2b8957d0ed1e4031c463b0850a68b04310b03827c6120
crc32: E8BA93EE
md5: 527501864f0fec233ec4eb0d1382e7ed
sha1: 384d81b5dbf1b4333d3898c9352b111bb5413d5b
sha256: fe31f9f04529e00c72d2b8957d0ed1e4031c463b0850a68b04310b03827c6120
sha512: 2baebf5ac0e772f4aa0f4a4b14b6d1118c75a4c16cfcb62cecc70476ab3168b666cc99512f91e3c2277c5dbf3a19927298d8069c6a7cb6e70a6f0ed6005472df
ssdeep: 6144:rGijCLluy0JCkI0INsbqb6vyMj8ZKhPFwbI0ej+dd3GZxoLGR2qOL:falSk6CsbHvDAZWl0fd3GkDn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EF54230B52C49FF7C79B473306B376BCD77AC898516A4AA717F02F3A5D7368A1006582
sha3_384: 8d8b5fd36f3c98b8f25418a545aa25e2132125b14f2c8f77a97bd860e7b246a9c51ee2bfc851de3b8a3b316a5b28b364
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2008-10-10 21:49:01

Version Info:

0: [No Data]

Malware.AI.2977445798 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Dropped:Trojan.GenericKDZ.80642
FireEye: Dropped:Trojan.GenericKDZ.80642
McAfee: RDN/Generic.dx
Sangfor: Suspicious.Win32.Save.a
Alibaba: Trojan:Win32/Injector.1a87a472
K7AntiVirus: Trojan ( 0058ad961 )
Cyren: W32/Injector.AQP.gen!Eldorado
Symantec: Packed.Generic.606
ESET-NOD32: a variant of Win32/Injector.EQPP
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Inject.gen
BitDefender: Dropped:Trojan.GenericKDZ.80642
Avast: Win32:Malware-gen
Ad-Aware: Dropped:Trojan.GenericKDZ.80642
Sophos: Mal/Generic-S
Comodo: TrojWare.Win32.Agent.hqust@0
TrendMicro: TROJ_FRS.VSNTKP21
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dc
Emsisoft: Dropped:Trojan.GenericKDZ.80642 (B)
Ikarus: Trojan.Win32.Injector
GData: Win32.Trojan-Stealer.FormBook.0H5OON
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
ALYac: Dropped:Trojan.GenericKDZ.80642
MAX: malware (ai score=87)
Malwarebytes: Malware.AI.2977445798
TrendMicro-HouseCall: TROJ_FRS.VSNTKP21
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen

How to remove Malware.AI.2977445798?

Malware.AI.2977445798 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.