Malware.AI.3636147214 malicious file

The Malware.AI.3636147214 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.3636147214 virus can do?

Possible date expiration check, exits too soon after checking local time
Attempts to connect to a dead IP:Port (9 unique times)
At least one IP Address, Domain, or File Name was found in a crypto call
Starts servers listening on 127.0.0.1:0
A process created a hidden window
Drops a binary and executes it
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Deletes its original binary from disk
Attempts to modify proxy settings
Attempts to create or modify system certificates
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

launchermeta.mojang.com

a.tomx.xyz

x.ss2.us

o.ss2.us

ocsp.rootg2.amazontrust.com

ocsp.rootca1.amazontrust.com

launcher.mojang.com

crl.rootca1.amazontrust.com

How to determine Malware.AI.3636147214?


File Info:
crc32: EE6D03A7
md5: 2dd5a392d80f7fe89946f6fca6fd82e2
name: 2DD5A392D80F7FE89946F6FCA6FD82E2.mlw
sha1: 562a93468c5749b843cf1c14390ce5c72c3c8130
sha256: 90558effd39b3f059b67c8d66e6c23965e77c4272fd93668e2487bba885fe830
sha512: 8145dc255ff92798e6abc11d1d43ac4197b12d020a0c441403324e3c98d008c711c0ed1d3b7f91a369b21dcc7fefd0eeb48ad73e87d3ec615902799230be218c
ssdeep: 49152:xQ/d8w1KH+P1DQKVBUL9bYngTbT02rHEK1:xQ/dV1bPpBUL9s+vrHf1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Malware.AI.3636147214 also known as:

K7AntiVirus	Trojan ( 004020ef1 )
Elastic	malicious (high confidence)
DrWeb	BackDoor.Comet.152
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.BlockerRI.S14012074
ALYac	Backdoor.Generic.755288
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	TrojanDropper:Win32/Blocker.ef8901a5
K7GW	Trojan ( 004020ef1 )
Cybereason	malicious.2d80f7
Baidu	Win32.Trojan-Dropper.Agent.ca
Cyren	W32/Agent.NXNL-3094
ESET-NOD32	Win32/TrojanDropper.Agent.PYN
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Darkkomet-7139847-0
Kaspersky	Trojan-Ransom.Win32.Blocker.hrft
BitDefender	Backdoor.Generic.755288
NANO-Antivirus	Trojan.Win32.Tordev.bcihzf
MicroWorld-eScan	Backdoor.Generic.755288
Tencent	Trojan-Ransom.Win32.Blocker.a
Ad-Aware	Backdoor.Generic.755288
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.Agent.pyn@54cqtm
BitDefenderTheta	AI:Packer.0DFFE3EE1C
VIPRE	Trojan-Dropper.Win32.Effbee.a (v)
McAfee-GW-Edition	BehavesLike.Win32.MultiPlug.tc
FireEye	Generic.mg.2dd5a392d80f7fe8
Emsisoft	Backdoor.Generic.755288 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Backdoor/DarkKomet.kwk
Avira	TR/Patched.Ren.Gen2
Antiy-AVL	Trojan/Generic.ASMalwS.15994D
Kingsoft	Heur.SSC.2700553.0111.(kcloud)
Microsoft	TrojanDropper:Win32/Effbee.A
GData	Win32.Trojan-Dropper.BeiF.A
AhnLab-V3	Backdoor/Win32.DarkKomet.R48242
McAfee	GenericRXAA-AA!2DD5A392D80F
MAX	malware (ai score=100)
Malwarebytes	Malware.AI.3636147214
Panda	Trj/Genetic.gen
Rising	Trojan.Generic@ML.100 (RDML:As0CE92tBZOQr6YOvojPPw)
Yandex	Trojan.GenAsa!N71EllaXIy8
Ikarus	Trojan.SuspectCRC
MaxSecure	Trojan.Malware.8756622.susgen
Fortinet	W32/Dropper.PYN!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Malware.AI.3636147214?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Malware.AI.3636147214 malicious file