What is “Malware.AI.31909473”?

Malware.AI.31909473 is flagged as malicious by the large majority of antivirus engines (see the list of detection names below). While the infection is active, you may notice unfamiliar processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.31909473 virus do?

The following behaviour was recorded when the sample was executed in an automated analysis sandbox:
  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file
  • Attempts to modify proxy settings

Related domains (contacted during analysis; www.bing.com is a legitimate Microsoft domain and should not be treated as an indicator on its own):

z.whorecord.xyz
liquidmiracle.top
a.tomx.xyz
www.bing.com

How to identify Malware.AI.31909473?

File Info:

crc32: D759A1BA
md5: ba71faa286417bdfa8585be68640a070
name: BA71FAA286417BDFA8585BE68640A070.mlw
sha1: cacd575345454eaa8ac0a21e27d463cfef6ee447
sha256: 2e0e0001d64ff77f6242f82b85e9d5d9aa7f584adae9157bfcd19759af3104a2
sha512: 978dcb2fd0d48ee3f4f21ca9da22916021e561bec12575207dd23434a7390283d4ccea5d5532152b863f23442c50a5f840429092819855b33f4c8e8da42b1961
ssdeep: 24576:1C62EjqGxna6OrRsEva64wWLSWBu/VOi0uQ5q3h3gIK:rDjqEMRsEvMYK
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
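The hashes, the UPX packing and the related domains above are all things a responder can check without running the sample. The script below is an added example and is not code from the original page or from GridinSoft. It recomputes the page's hash formats for a file, reads the PE section table to look for the UPX0/UPX1 section names that UPX leaves behind, and scans DNS log lines for the listed domains (www.bing.com is deliberately left out of the indicator set). The PE buffer and the log lines it uses are constructed test data, not the real sample; the hash values in IOC_HASHES are copied from the File Info section.

```python
"""Offline triage helpers for the Malware.AI.31909473 indicators on this page.

Added example; not the page's or GridinSoft's own tooling.
"""
import hashlib
import re
import struct
import zlib

# Hashes copied from the File Info section above.
IOC_HASHES = {
    "md5": "ba71faa286417bdfa8585be68640a070",
    "sha1": "cacd575345454eaa8ac0a21e27d463cfef6ee447",
    "sha256": "2e0e0001d64ff77f6242f82b85e9d5d9aa7f584adae9157bfcd19759af3104a2",
}

# Domains from the Related domains section. www.bing.com is legitimate and is
# kept out of the indicator set so it cannot trigger a false positive.
IOC_DOMAINS = {"z.whorecord.xyz", "liquidmiracle.top", "a.tomx.xyz"}


def file_hashes(data: bytes) -> dict:
    """crc32/md5/sha1/sha256 of a byte string, in the formats the page uses."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matching_hashes(data: bytes, iocs: dict = IOC_HASHES) -> list:
    """Names of the algorithms whose digest of `data` equals the IOC value."""
    computed = file_hashes(data)
    return sorted(name for name, value in iocs.items()
                  if computed.get(name, "").lower() == value.lower())


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table; returns [] if the buffer is not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                       # start of the COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40:table + i * 40 + 8]
        if len(raw) < 8:
            break                             # truncated file
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX leaves UPX0/UPX1 section names unless the packer was told to rename them."""
    return any(n.startswith("UPX") for n in pe_section_names(data))


def suspicious_domain_hits(log_lines, iocs=IOC_DOMAINS) -> list:
    """(line_no, domain) for every log line that names a listed domain."""
    hits = []
    for no, line in enumerate(log_lines, 1):
        for host in re.findall(r"[A-Za-z0-9.-]+\.[A-Za-z]{2,}", line):
            if host.lower() in iocs:
                hits.append((no, host.lower()))
    return hits


def build_fake_upx_pe() -> bytes:
    """Constructed minimal PE with UPX0/UPX1 sections (test data, not the sample)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)  # 2 sections, no optional header
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in (b"UPX0", b"UPX1"))
    return dos + b"PE\0\0" + coff + sections


# Constructed DNS log lines (not real telemetry).
SAMPLE_DNS_LOG = [
    "2021-06-01T12:00:01Z host1 query A www.bing.com",
    "2021-06-01T12:00:02Z host1 query A liquidmiracle.top",
    "2021-06-01T12:00:03Z host1 query A z.whorecord.xyz",
    "2021-06-01T12:00:04Z host2 query A example.com",
]


if __name__ == "__main__":
    sample = build_fake_upx_pe()
    print("hashes:", file_hashes(sample))
    print("IOC hash match:", matching_hashes(sample) or "none")
    print("UPX sections:", looks_upx_packed(sample))
    print("domain hits:", suspicious_domain_hits(SAMPLE_DNS_LOG))
```

To triage a real file, read it with `open(path, "rb").read()` and pass the bytes to `matching_hashes` and `looks_upx_packed`; a hash match is conclusive, while UPX section names only mean the file is packed and still need the AV or sandbox verdict to be called malicious.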

Version Info:

LegalCopyright: t8ywergdfgh herjhj first.LegalCopyright
InternalName: r7thwtgest.InternalName
FileVersion: e6rdhertjjtryjdtyjt rtjyh jrtuk first.FileVersion
CompanyName: q4wvdfghhdName
LegalTrademarks1: y9udfhcvbjh herth first.LegalTrademarks1
LegalTrademarks2: u0icvbnerth gwet first.LegalTrademarks2
ProductName: ow5zxfge erg dftyh first.ProductName
ProductVersion: pe 6hrtrst.ProductVersion
FileDescription: w5et.FileDescription
OriginalFilename: iqodg afdg gerth first.OriginalFilename
Translation: 0x0409 0x04e4

The version resource holds random filler strings rather than genuine vendor metadata; a version block like this is itself a useful sign that the executable was generated by an installer kit rather than a legitimate publisher.

Malware.AI.31909473 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.a!c
Elastic: malicious (high confidence)
DrWeb: Trojan.InstallMonster.2527
ALYac: Trojan.Downloader.JUBZ
Cylance: Unsafe
Zillya: Adware.TOVus.Win32.60
CrowdStrike: win/malicious_confidence_60% (D)
K7GW: Trojan-Downloader ( 005232c31 )
K7AntiVirus: Trojan-Downloader ( 005232c31 )
Cyren: W32/S-3d06037d!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Tovkater.IE
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Downloader.Win32.Generic
BitDefender: Trojan.Downloader.JUBZ
NANO-Antivirus: Trojan.Win32.InstallMonster.exejlx
MicroWorld-eScan: Trojan.Downloader.JUBZ
Tencent: Malware.Win32.Gencirc.10b0d53d
Ad-Aware: Trojan.Downloader.JUBZ
Sophos: Mal/Generic-S
Comodo: TrojWare.Win32.TrojanDownloader.Tovkater.GCP@7ln01b
BitDefenderTheta: Gen:NN.ZexaF.34170.VnNfaqO0vAei
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
FireEye: Generic.mg.ba71faa286417bdf
Emsisoft: Trojan.Downloader.JUBZ (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: TrojanDownloader.Generic.aysd
Avira: TR/Crypt.XPACK.Gen7
eGambit: Unsafe.AI_Score_81%
Antiy-AVL: Trojan/Generic.ASMalwS.23F790A
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan-Downloader.Win32.Generic
GData: Trojan.Downloader.JUBZ
AhnLab-V3: Trojan/Win32.Downloader.C2346000
McAfee: Artemis!BA71FAA28641
MAX: malware (ai score=98)
VBA32: AdWare.TOVus
Malwarebytes: Malware.AI.31909473
Panda: Trj/CI.A
Yandex: Trojan.GenAsa!IfHHhlWz+uA
Ikarus: Trojan-Downloader.Win32.Tovkater
MaxSecure: Trojan.Malware.3771246.susgen
Fortinet: W32/Tovkater.IE!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Malware.AI.31909473?

Malware.AI.31909473 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • “Move to quarantine” all detected items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.