Malware.AI.72991773 (file analysis)

The Malware.AI.72991773 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.72991773 virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
A process created a hidden window
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Attempts to identify installed AV products by registry key
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Malware.AI.72991773?


File Info:
crc32: EE4385F1
md5: 37c8d4b50b8f4cb3eebdc4ccb4bb91ac
name: 37C8D4B50B8F4CB3EEBDC4CCB4BB91AC.mlw
sha1: 4b40c6a64d60c32c050cc4e1bd605b7106a5bac9
sha256: 211c29bd46f9328498074722518211a6c48c6c0e6e422c473fae06ad48a890bd
sha512: d9ac56136a7dbd666cfc7a806b50b3383128b54b01f1aaf81b9c43aeb946a7c66cc4008db75f410257e1cd796df230312e08250b0718cbdedc65aeebb3f25c64
ssdeep: 6144:GUV9M+a+i2a+i2a+i2a+i2a+i2a+i2aiKQqk:t90i
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: xa9Qihu 360 Software Co., Ltd. All rights reserved.
InternalName: SystemRegistryClean
FileVersion: 1, 0, 0, 1003
CompanyName: QIHU 360 SOFTWARE CO. LIMITED
ProductName: 360 SystemRegistryClean
ProductVersion: 1, 0, 0, 1003
FileDescription: 360 SystemRegistryClean
OriginalFilename: SystemRegistryClean.exe
Translation: 0x0409 0x04b0

Malware.AI.72991773 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0053485e1 )
Lionic	Trojan.Win32.Yakes.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen7.55423
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.Mauvaise.SL1
ALYac	Trojan.Mint.Zamg.O
Cylance	Unsafe
Zillya	Trojan.Yakes.Win32.68933
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/Bunitu.ali1000105
K7GW	Trojan ( 0053485e1 )
Cybereason	malicious.50b8f4
Cyren	W32/Trojan.BUF.gen!Eldorado
Symantec	Ransom.Hermes
ESET-NOD32	a variant of Win32/Kryptik.GHOY
APEX	Malicious
Avast	Win32:DangerousSig [Trj]
ClamAV	Win.Dropper.Bunitu-9895212-0
Kaspersky	HEUR:Trojan.Win32.NetStream.gen
BitDefender	Trojan.Mint.Zamg.O
NANO-Antivirus	Trojan.Win32.Yakes.ffaaef
MicroWorld-eScan	Trojan.Mint.Zamg.O
Tencent	Malware.Win32.Gencirc.10ba529d
Ad-Aware	Trojan.Mint.Zamg.O
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.TrojanProxy.Bunitu.GHF@7otpks
BitDefenderTheta	Gen:NN.ZexaF.34294.vq1@a0LEguni
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom.Win32.SHADE.SMB.hp
McAfee-GW-Edition	Trickbot-FRDP!37C8D4B50B8F
FireEye	Generic.mg.37c8d4b50b8f4cb3
Emsisoft	Trojan.Mint.Zamg.O (B)
Jiangmin	Trojan.Yakes.aaec
Avira	HEUR/AGEN.1127900
Antiy-AVL	Trojan/Generic.ASMalwS.26CF0DF
Microsoft	TrojanProxy:Win32/Bunitu.Q!bit
Arcabit	Trojan.Mint.Zamg.O
GData	Trojan.Mint.Zamg.O
AhnLab-V3	Trojan/Win32.Bunitu.R231197
Acronis	suspicious
McAfee	Trickbot-FRDP!37C8D4B50B8F
MAX	malware (ai score=99)
VBA32	BScope.Trojan.Yakes
Malwarebytes	Malware.AI.72991773
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Ransom.Win32.SHADE.SMB.hp
Rising	Trojan.Kryptik!1.B2B8 (CLASSIC)
Yandex	Trojan.GenAsa!aq6nWA3cxKI
Ikarus	Trojan-Ransom.Crypted007
Fortinet	W32/Kryptik.GLWT!tr
AVG	Win32:DangerousSig [Trj]
Paloalto	generic.ml

How to remove Malware.AI.72991773?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Malware.AI.72991773 (file analysis)