
Malware.AI.373779645 information


Malware.AI.373779645 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.373779645 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.373779645?

File Info:

name: 06CE225E850F11DDEA7C.mlw
path: /opt/CAPEv2/storage/binaries/31ccf5c5731b988c87c1effe70159c0cda2953672e6431c772816d7ecb949e3d
crc32: F2B94D55
md5: 06ce225e850f11ddea7c62343023ef37
sha1: 08cb66e6a945b89331fc01647c437f5407ffbaf6
sha256: 31ccf5c5731b988c87c1effe70159c0cda2953672e6431c772816d7ecb949e3d
sha512: 6edeadb55a7eed8a10c7b3d71e86ba1a3b8e924d282c0706f836974e350a79a3bd72a8ef7a87086aff0f942465b1fa01d617d7daa9131d62654bd76d78aaa5fe
ssdeep: 6144:JB82ev8CcOsW1D8fBU3Ev8a6dRPMfbt4xb7s5evZBhjd:Jm2evXfsgofy3HREfbSbfvZB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C7840191C2D48628DAFE9F3B18E8A0114EDF6F15485766FA64E48CFC22BD7437A1132C
sha3_384: 7194ee714afc380b379d0a645324963f301e2ad117afa50749ef15b605f922536009e82bda993ff7dc803bc12651ebd4
ep_bytes: 558bec81ecc8000000535657892d60dc
timestamp: 2012-05-06 16:20:18

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Solitaire Game Applet
FileVersion: 5.00.2138.1
InternalName: sol.exe
LegalCopyright: Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename: sol.exe
ProductName: Microsoft(R) Windows (R) 2000 Operating System
ProductVersion: 5.00.2138.1
Translation: 0x0409 0x04b0

Note that these version fields claim the file is Microsoft's sol.exe, while the behaviour list above shows that the Authenticode signature the sample presents is invalid, so this metadata should not be trusted as evidence of origin.

Malware.AI.373779645 also known as:

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Bulz.27710
FireEye: Generic.mg.06ce225e850f11dd
CAT-QuickHeal: TrojanPWS.Zbot.Y
ALYac: Gen:Variant.Bulz.27710
Cylance: Unsafe
VIPRE: Gen:Variant.Bulz.27710
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0040f02a1 )
K7GW: Trojan ( 0040f02a1 )
Cybereason: malicious.e850f1
VirIT: Trojan.Win32.Banker.HZ
Cyren: W32/Zbot.DQ.gen!Eldorado
Symantec: Packed.Generic.459
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.AFDO
APEX: Malicious
ClamAV: Win.Packed.Zbot-9956505-0
Kaspersky: Packed.Win32.Krap.iu
BitDefender: Gen:Variant.Bulz.27710
NANO-Antivirus: Trojan.Win32.Krap.rdqkr
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
Avast: Win32:Crypt-MYT [Trj]
Tencent: Malware.Win32.Gencirc.10b3ece5
Ad-Aware: Gen:Variant.Bulz.27710
Sophos: ML/PE-A + Mal/Zbot-KK
Comodo: TrojWare.Win32.Kryptik.AFGB@4om0p2
DrWeb: Trojan.PWS.Panda.2122
Zillya: Trojan.Kryptik.Win32.235610
TrendMicro: TROJ_AGENT_031737.TOMB
McAfee-GW-Edition: PWS-Zbot.gen.bex
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Bulz.27710 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bulz.27710
Jiangmin: Packed.Krap.ejcx
Avira: TR/Crypt.XPACK.Gen
Microsoft: PWS:Win32/Zbot.gen!AF
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R24471
McAfee: PWS-Zbot.gen.bex
MAX: malware (ai score=83)
VBA32: BScope.Malware-Cryptor.SB.01798
Malwarebytes: Malware.AI.373779645
TrendMicro-HouseCall: TROJ_AGENT_031737.TOMB
Rising: Trojan.Generic@AI.99 (RDML:0jCPXWr3wZ/DliGuAU9E7Q)
Yandex: Trojan.GenAsa!91WNA04Vf0A
Ikarus: Packer.Win32.Krap
Fortinet: W32/ZBOT.HL!tr
BitDefenderTheta: Gen:NN.ZexaF.34806.xq1@aSUyJ2bi
AVG: Win32:Crypt-MYT [Trj]
Panda: Bck/Qbot.AO
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.373779645?

Malware.AI.373779645 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.