
What is “Malware.AI.746805268”?


Malware.AI.746805268 is the name under which Malwarebytes detects this sample; most other engines flag it too, several of them (ESET, Kaspersky, Microsoft, McAfee, Ikarus, AhnLab) as a variant of the Zbot (ZeuS) password-stealing trojan and the rest as a generic packed or encrypted trojan. While the infection is active you may notice unfamiliar processes in Task Manager. In that case it is advised to scan your computer with GridinSoft Anti-Malware.


What can Malware.AI.746805268 do?

The CAPEv2 sandbox run of the sample triggered these signatures:

  • Behavioural detection: Executable code extraction – unpacking. The sample unpacks code at run time, so the on-disk image does not show the real payload.
  • Yara rule detections observed from a process memory dump/dropped files/CAPE. YARA rules matched on memory dumps or dropped files rather than on the original file.
  • Creates RWX memory. Memory is allocated readable, writable and executable at once, as unpacking stubs and code injectors do.
  • Possible date expiration check, exits too soon after checking local time. Reading the local time and exiting shortly afterwards is consistent with a kill date or a sandbox-evasion timer.
  • Dynamic (imported) function loading detected. API functions are resolved at run time (LoadLibrary/GetProcAddress) instead of through the import table, hiding the real imports from static analysis.
  • Reads data out of its own binary image. The sample reads its own executable from disk, typical of self-decrypting or overlay-carrying droppers.
  • CAPE extracted potentially suspicious content. CAPE dumped payloads from process memory that it considers suspicious.
  • Authenticode signature is invalid. The file is not validly signed, even though its version resource claims it is a Sysinternals tool (see Version Info below).

How to identify Malware.AI.746805268?

The values below describe the one sample that was analysed. Match a suspect file by its cryptographic hashes (md5, sha1, sha256, sha512 and sha3_384 must match exactly); ssdeep and tlsh are fuzzy hashes and will also match closely related builds. Two details deserve attention: the PE timestamp of 1970-01-01 is essentially zero and therefore forged or wiped, and the version resource claims to be Sysinternals TCPView 3.04 although the Authenticode signature is invalid. Genuine Sysinternals binaries are signed, so treat the version information as spoofed rather than as evidence that the file is legitimate.

File Info:

name: 876C361372E5E386290D.mlw
path: /opt/CAPEv2/storage/binaries/369380f3fec83f2e5ceb042cf72ffca347d90a5aebb36bbef3b799e7c6910db7
crc32: 8D935493
md5: 876c361372e5e386290da9d7d40893b2
sha1: da901acdd34025eef2752b379626067f37f7f707
sha256: 369380f3fec83f2e5ceb042cf72ffca347d90a5aebb36bbef3b799e7c6910db7
sha512: 7fc9bd1973b7454580db9ef9fb662a94c4c870630697ad23d5fabbd7875da1f7675f8046f3bbfb0810caa15dc687f5d4369af872eecd3f5055d6b432670f9245
ssdeep: 3072:+GA+hXUjh/We53pJB07vTcU3WbowmbzQpL7hsB:+ehXyO85JSrq8bz+LCB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17BE31298F3950839EF9E8AF6147262551A6AFCF35E0B613D17120627AC3B670CD053BD
sha3_384: 8a28acb627fa11214f81508d1b38352130b7b037939383fac179e7101a290b6ca0d9e97a11c42c394c4527ebe03a36ec
ep_bytes: 558bec6aff6888204000689011400064
timestamp: 1970-01-01 07:35:17

Version Info:

CompanyName: Sysinternals - www.sysinternals.com
FileDescription: TCP/UDP endpoint viewer
FileVersion: 3.04
InternalName: TCPView
LegalCopyright: Copyright (C) 1998-2011 Mark Russinovich and Bryce Cogswell
ProductName: Sysinternals TCPView
ProductVersion: 3.04
Translation: 0x0409 0x04e4
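The following script is an added example and is not code from the original page, from GridinSoft or from CAPE. It shows how a responder would triage a suspect file against the indicators above: it hashes the file, parses just enough of the PE header to read the TimeDateStamp and the first 16 bytes at the entry point (the page's ep_bytes), and checks whether the file carries the Sysinternals version string. The minimal PE produced by build_test_pe() is constructed here for demonstration only; it is not the analysed binary, so its hashes are expected not to match.

```python
"""Triage a file against the indicators this page lists for Malware.AI.746805268.

Added example (not from the original page, GridinSoft or CAPE). build_test_pe()
constructs a toy PE for demonstration; it is not the analysed sample.
"""
import hashlib
import struct
import sys

# Indicators copied from the page's "File Info" block.
IOC = {
    "md5": "876c361372e5e386290da9d7d40893b2",
    "sha1": "da901acdd34025eef2752b379626067f37f7f707",
    "sha256": "369380f3fec83f2e5ceb042cf72ffca347d90a5aebb36bbef3b799e7c6910db7",
    "ep_bytes": bytes.fromhex("558bec6aff6888204000689011400064"),
}
# The page's sample reports a compile timestamp of 1970-01-01 07:35:17; a
# TimeDateStamp inside the first day of the Unix epoch is zeroed or forged.
EPOCH_DAY = 24 * 3600
# Version-info strings live in the resource section as UTF-16LE.
SYSINTERNALS_UTF16 = "Sysinternals".encode("utf-16-le")


def hashes(data: bytes) -> dict:
    """md5/sha1/sha256 of the whole file, hex-encoded like the page."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def parse_pe(data: bytes) -> dict:
    """Return the COFF TimeDateStamp and the 16 bytes at the entry point."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: Machine(2) NumberOfSections(2) TimeDateStamp(4) ...
    num_sections, timestamp = struct.unpack_from("<HI", data, coff + 2)
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    # AddressOfEntryPoint is at offset 16 of both PE32 and PE32+ optional headers.
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections = opt + size_opt
    for i in range(num_sections):
        # IMAGE_SECTION_HEADER: Name(8) VirtualSize VirtualAddress SizeOfRawData PointerToRawData
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sections + i * 40 + 8)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            ep_off = rawptr + (ep_rva - vaddr)
            return {"timestamp": timestamp, "ep_bytes": data[ep_off:ep_off + 16]}
    raise ValueError("entry point not inside any section")


def triage(data: bytes) -> dict:
    """Compare a file with the page's indicators; every value is a bool."""
    h = hashes(data)
    result = {k: h[k] == IOC[k] for k in ("md5", "sha1", "sha256")}
    try:
        pe = parse_pe(data)
    except (ValueError, struct.error):
        return {**result, "is_pe": False}
    result.update({
        "is_pe": True,
        "ep_bytes_match": pe["ep_bytes"] == IOC["ep_bytes"],
        "timestamp_suspicious": pe["timestamp"] < EPOCH_DAY,
        # Genuine Sysinternals tools are Authenticode-signed; this string in a
        # file whose signature is invalid points to spoofed version info.
        "claims_sysinternals": SYSINTERNALS_UTF16 in data,
    })
    return result


def build_test_pe(ep_bytes: bytes, timestamp: int) -> bytes:
    """Constructed minimal PE32 with one .text section, for demonstration only."""
    e_lfanew, opt_size, raw_ptr = 0x40, 0xE0, 0x200
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 14, 0, 0x200, 0, 0, 0x1000)
    opt += b"\0" * (opt_size - len(opt))
    sec = b".text\0\0\0" + struct.pack("<IIII", 0x200, 0x1000, 0x200, raw_ptr) + b"\0" * 16
    header = dos + b"PE\0\0" + coff + opt + sec
    body = ep_bytes + SYSINTERNALS_UTF16
    return header + b"\0" * (raw_ptr - len(header)) + body + b"\0" * (0x200 - len(body))


if __name__ == "__main__":
    # Usage: python triage.py <file>   (falls back to the constructed sample)
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_test_pe(IOC["ep_bytes"], 27317)
    for key, value in triage(blob).items():
        print(f"{key:22} {value}")
```

Only an exact hash match identifies this particular file; the entry-point bytes, the near-zero timestamp and the Sysinternals string are weaker indicators that also fire on related builds and on other packed samples that copy the same version resource, so they should raise suspicion rather than settle the question.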

Malware.AI.746805268 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Panda.547
MicroWorld-eScan: Gen:Variant.Zusy.786
FireEye: Generic.mg.876c361372e5e386
ALYac: Gen:Variant.Zusy.786
Cylance: Unsafe
Zillya: Dropper.Injector.Win32.15307
K7AntiVirus: Trojan ( 003ad93e1 )
K7GW: Trojan ( 003ad93e1 )
Cybereason: malicious.372e5e
BitDefenderTheta: Gen:NN.ZexaF.34084.jq1@aey6q@ki
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.YW
APEX: Malicious
ClamAV: Win.Trojan.Agent-920927
Kaspersky: HEUR:Trojan-Spy.Win32.Zbot.gen
BitDefender: Gen:Variant.Zusy.786
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:MalOb-JS [Cryp]
Ad-Aware: Gen:Variant.Zusy.786
Emsisoft: Gen:Variant.Zusy.786 (B)
Comodo: TrojWare.Win32.Kryptik.ACAC@4n5bgz
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: PWS-Zbot.gen.ben
Sophos: ML/PE-A + Mal/EncPk-AEX
Ikarus: Trojan-PWS.Win32.Zbot
GData: Gen:Variant.Zusy.786
Jiangmin: Trojan.Generic.dwhja
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.Unknown
Microsoft: PWS:Win32/Zbot
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R21734
Acronis: suspicious
McAfee: PWS-Zbot.gen.ben
VBA32: SScope.Trojan.FakeAV.01110
Malwarebytes: Malware.AI.746805268
Rising: Trojan.Generic@ML.100 (RDML:y0LeQkIUlAirqamXdUCTnQ)
Yandex: TrojanSpy.Zbot!W4cX1+dXGvU
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.WDQ!tr
AVG: Win32:MalOb-JS [Cryp]
Panda: Trj/Pacrypt.AC
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Malware.AI.746805268?

Malware.AI.746805268 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
