Should I remove “Malware.AI.4222296296”?

Malware.AI.4222296296 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4222296296 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Malware.AI.4222296296?

File Info:

name: FC0E567FA725FBF2A109.mlw
path: /opt/CAPEv2/storage/binaries/89b8c365213208c2bec954441b1b70f9fec3312e33c6c8077bae64f069f46aa9
crc32: 55F3ED94
md5: fc0e567fa725fbf2a109d5457b31b660
sha1: 864a63fb53f6f7d16264fdd05f86dab9bcc8b406
sha256: 89b8c365213208c2bec954441b1b70f9fec3312e33c6c8077bae64f069f46aa9
sha512: ea258f2b22d33089a64549e93c73c21bcb50322d6340fcbba4e78e2e6f5dafad7d41121c4fe100a4dfb000dc6805e14123532a40519dfd2f67d1d2b8316f9bc7
ssdeep: 6144:26MFFuRd8rIDEPbTl6mo8F9JE3feefbUd6+APZ/NiRBNGAH3TyoeZ8:eFF+D66mo8iPFUd6VPZ/NohO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100948B7635A6E869D48481B4CDA0D5FE596CBC90CF5491C3F6C27F5FB2328E2AC3460A
sha3_384: 883a266f8b650cc530f23e52fcf6718e0f57a7588e1ffb7f56866981bfec3935589cc697651e6cb88fe128cc76f8720f
ep_bytes: 6a6068782e4400e8db080000bf940000
timestamp: 2013-02-25 15:05:05

Version Info:

CompanyName: Phrase noun
FileDescription: Order Enemy
FileVersion: 8.6.953.6
LegalCopyright: Copyright (c) 2011 Phrase noun. All rights reserved
ProductName: either
OriginalFilename: either.exe
ProductVersion: 8.6.953.6
Translation: 0x0409 0x04b0

Malware.AI.4222296296 is also detected under the following names (vendor: detection name):

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Panda.3629
MicroWorld-eScan: Gen:Variant.TDss.75
FireEye: Generic.mg.fc0e567fa725fbf2
McAfee: PWS-Zbot-FAOC!FC0E567FA725
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Spyware ( 0040f1961 )
Alibaba: TrojanSpy:Win32/BScope.1e503141
K7GW: Spyware ( 0040f1961 )
Cybereason: malicious.fa725f
BitDefenderTheta: Gen:NN.ZexaF.34212.zq0@aWCq01hi
VirIT: Trojan.Win32.Generic.BXZM
Cyren: W32/A-0e3ee5a0!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.AAU
TrendMicro-HouseCall: TROJ_GEN.R002C0DB922
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Zbot-34516
Kaspersky: Trojan-Spy.Win32.Zbot.yzgx
BitDefender: Gen:Variant.TDss.75
NANO-Antivirus: Trojan.Win32.Panda.crcxnt
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
Tencent: Malware.Win32.Gencirc.116a1d88
Ad-Aware: Gen:Variant.TDss.75
Emsisoft: Gen:Variant.TDss.75 (B)
Comodo: Malware@#33s0iuht8ybm5
VIPRE: Trojan.Win32.Zbot.aaub (v)
TrendMicro: TROJ_GEN.R002C0DB922
McAfee-GW-Edition: PWS-Zbot-FAOC!FC0E567FA725
Sophos: ML/PE-A + Mal/Zbot-KW
GData: Gen:Variant.TDss.75
Jiangmin: TrojanSpy.Zbot.cvsy
Webroot: W32.Infostealer.Zeus
Avira: TR/Crypt.ZPACK.Gen2
Antiy-AVL: Trojan/Generic.ASMalwS.12C815
Kingsoft: Win32.Troj.Zbot.jh.(kcloud)
Gridinsoft: Ransom.Win32.Zbot.sa
ViRobot: Trojan.Win32.Z.Zbot.409600.P
Microsoft: PWS:Win32/Zbot
Cynet: Malicious (score: 99)
AhnLab-V3: Spyware/Win32.Zbot.R54796
VBA32: BScope.Malware-Cryptor.Zbot.2113
ALYac: Gen:Variant.TDss.75
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.4222296296
APEX: Malicious
Rising: Spyware.Zbot!8.16B (CLOUD)
Yandex: TrojanSpy.Zbot!tVAZ05qx99M
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Zbot.ATA!tr
AVG: Win32:Trojan-gen
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.4222296296?

Malware.AI.4222296296 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
