Malware.AI.4021611501 removal

Malware.AI.4021611501 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4021611501 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system

How to identify Malware.AI.4021611501?

File Info:

crc32: 37A6C51F
md5: f2cd8b3e7a4a7fd1887f8cfc58f0101c
name: F2CD8B3E7A4A7FD1887F8CFC58F0101C.mlw
sha1: aa3ff812ed8ec354dbf58c5df2cba2d672f154e2
sha256: b7bee3b952a87146284e4ec2c40e377a5b4c8905ff3bfb42af5f566286b020ee
sha512: c4c68fda206226e6bcf26874b743c3619d7c114a64e8471b56723ac6048aca37fd27722c81fadffd5af8f4b8f008e3a61f23498713b4356cfe81e02e1ed6f9e3
ssdeep: 6144:6s+XewhsLtfGmtqtohVx4KValHlLqb9RyTQKsAB02KdggVPZsfim6pgJL:67hsJf1tqlK0lHlLqb9RyUYu2SPZgqgt
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright (C) 2017
InternalName: Pchild3.exe
FileVersion: 1.0.0.1
CompanyName: TODO:
ProductName: TODO:
ProductVersion: 1.0.0.1
FileDescription: TODO:
OriginalFilename: Pchild3.exe
Translation: 0x040c 0x04b0

Malware.AI.4021611501 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0050974f1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Inject2.51586
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Crysis.A5
ALYac: Trojan.Ransom.Cerber.LP
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.4525
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Cerber.2517b02a
K7GW: Trojan ( 0050974f1 )
Cybereason: malicious.e7a4a7
Cyren: W32/Trojan.GVBW-0346
Symantec: Ransom.Cerber!g34
ESET-NOD32: Win32/Filecoder.Cerber.I
APEX: Malicious
Avast: Win32:Rootkit-gen [Rtk]
ClamAV: Win.Ransomware.Cerber-9783371-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.Cerber.LP
NANO-Antivirus: Trojan.Win32.Pakes.emxobb
ViRobot: Trojan.Win32.Cerber.286578
MicroWorld-eScan: Trojan.Ransom.Cerber.LP
Tencent: Malware.Win32.Gencirc.10b650c5
Ad-Aware: Trojan.Ransom.Cerber.LP
Sophos: Mal/Cerber-V
Comodo: Malware@#7pr27x3dblg4
BitDefenderTheta: Gen:NN.ZexaF.34628.rmNfaCD!VCcm
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Mal_Cerber-24
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
FireEye: Generic.mg.f2cd8b3e7a4a7fd1
Emsisoft: Trojan.Ransom.Cerber.LP (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Zerber.bdd
Avira: HEUR/AGEN.1109078
eGambit: Unsafe.AI_Score_98%
Microsoft: Ransom:Win32/Cerber!rfn
Arcabit: Trojan.Ransom.Cerber.LP
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.Ransom.Cerber.LP
TACHYON: Ransom/W32.Agent.355187
AhnLab-V3: Trojan/Win32.Zerber.R200301
McAfee: Ransomware-FMEE!F2CD8B3E7A4A
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Inject
Malwarebytes: Malware.AI.4021611501
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Mal_Cerber-24
Rising: Ransom.Cerber!8.3058 (TFE:5:A4XOzMy7GkQ)
Yandex: Trojan.GenAsa!3VuWqyb+i0s
Ikarus: Trojan.Win32.Filecoder
Fortinet: W32/Injector.DNUG!tr
AVG: Win32:Rootkit-gen [Rtk]
Qihoo-360: Win32/Ransom.Cerber.HwsB8dsA

How to remove Malware.AI.4021611501?

Malware.AI.4021611501 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.