Malware.AI.2988799359 removal tips

Malware.AI.2988799359 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2988799359 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Ukrainian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.2988799359?


File Info:

name: 489C532EE79913C1363C.mlw
path: /opt/CAPEv2/storage/binaries/887322c50371580066c8ebb6830f4dd374e6b63aa9b428b0d8e9e0ad51a7cbfc
crc32: 62D2BBD9
md5: 489c532ee79913c1363c048fe94c2f1b
sha1: cce6c97ca4eb987db6afc234008e4deca87e6440
sha256: 887322c50371580066c8ebb6830f4dd374e6b63aa9b428b0d8e9e0ad51a7cbfc
sha512: 51cecc7a7c4d933d76284b769850096238a6cca8531b3d34390f04b5dd53d991c38340128583a39d0f8a81a38eee9ce3b1f9df3e9f12807e24a09da450897a43
ssdeep: 24576:9P0gayaYmD9V1SdiOTwOADZS5P/vaedx8jPmH:9P0gayaDDDO6OR
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T12A258D22F6C0C437D5B22B79CC5BC1D55829BE242D38AC477AE92F0C5F7968279262C7
sha3_384: 55def7d959b7ba86bf4128d0d3da43002595e5411d05a95d3d81cf606ab0e0ed34a68ef258c0caf79c1dd65ed259fd3e
ep_bytes: 558becb9260000006a006a004975f951
timestamp: 1992-06-19 22:22:17

Version Info:

Comments:
CompanyName: Click And Deploy (Pte. Ltd.)
FileDescription: AlertDispatcher Console
FileVersion: 8.115.1008.0
InternalName: AlertDispatcher
LegalCopyright: Click And Deploy (Pte. Ltd.)
OriginalFilename:
PrivateBuild:
ProductName: AlertDispatcher
ProductVersion: 8.115.1008.0
Translation: 0x4809 0x04b0

Malware.AI.2988799359 also known as:

Lionic: Hacktool.Win32.Convagent.x!c
MicroWorld-eScan: Gen:Variant.Ulise.321765
FireEye: Gen:Variant.Ulise.321765
McAfee: GenericRXAA-AA!489C532EE799
Zillya: Trojan.Dico.Win32.374
K7AntiVirus: Riskware ( 00584baa1 )
K7GW: Riskware ( 00584baa1 )
Symantec: Trojan.Gen.MBT
TrendMicro-HouseCall: TROJ_GEN.R002H07KO21
Kaspersky: VHO:Packed.Win32.Convagent.gen
BitDefender: Gen:Variant.Ulise.321765
Avast: FileRepMalware
Emsisoft: Gen:Variant.Ulise.321765 (B)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dh
Sophos: Mal/Generic-S
APEX: Malicious
GData: Win32.Trojan.PSE.1ALBID1
Webroot: W32.Trojan.Gen
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.34D538D
ViRobot: Trojan.Win32.Z.Ulise.970240.F
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Trojan/Win.Generic.C4782226
VBA32: TScope.Trojan.Delf
ALYac: Gen:Variant.Ulise.321765
Malwarebytes: Malware.AI.2988799359
Fortinet: W32/PossibleThreat
AVG: FileRepMalware
Panda: Trj/GdSda.A

How to remove Malware.AI.2988799359?

Malware.AI.2988799359 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
