Malware

Malware.AI.4274352210 information

Malware Removal

Malware.AI.4274352210 is a generic, machine-learning-based detection name (it is the verdict listed under Malwarebytes in the vendor list below) that many security products flag as dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4274352210 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.4274352210?

File Info:

name: C99FFE0EE77F9B204FB9.mlw
path: /opt/CAPEv2/storage/binaries/e225ebbed1acca777c131df163302bfca89fe60fa3a10514c45f5dbf55c59922
crc32: 8D155E44
md5: c99ffe0ee77f9b204fb9cad2522c6cfa
sha1: 27ef6301b61c3fae747b8522d014c2e604fab75a
sha256: e225ebbed1acca777c131df163302bfca89fe60fa3a10514c45f5dbf55c59922
sha512: d04833d5588fc190abad062e713651ee1a93591a90da4f3710d4e6e30bd829fb59141928fd034f4214269bae9a57bb9634353a6656920401c7cb406a36ced070
ssdeep: 3072:bEuE1NB612aEo+6NSsVNzzJtIduXBbhgL206lGnJj:byQ/+gzMduXgy060
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16FD3125DB09ACDBBE311F73478DDDBA08245D5F443BE0AD67A85680EA2C23B538035E6
sha3_384: e7616b5cb398066a92ca87ee2538a3911d935b4d0481c083b6e32872413a4618d8abeb0fbcbfd4cb3d6caf5a01f18677
ep_bytes: 60be153042008dbeebdffdff57eb0b90
timestamp: 2008-10-18 22:01:41
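Several of the behaviour indicators above (UPX compression, an unknown PE section name, RWX memory, compressed or encrypted data) and the ep_bytes value in File Info can be checked statically without a sandbox. The script below is an added example, not GridinSoft's or CAPE's code. It parses the PE32 headers with the standard library only, reads the bytes at the entry point, tests them against the classic UPX decompressor stub (pushad; mov esi, imm32; lea edi, [esi+disp32]; push edi; jmp short), which is exactly the instruction pattern the listed ep_bytes decode to, and flags non-standard, writable-and-executable, and high-entropy sections. Because the real sample is not available here, build_sample() constructs a hypothetical two-section UPX0/UPX1 image whose entry point starts with the listed ep_bytes; pass a real file path on the command line to triage it instead.

```python
import hashlib
import math
import struct

# Section names a normal compiler/linker emits; anything else is "unknown".
KNOWN_SECTIONS = {".text", ".data", ".rdata", ".bss", ".idata", ".edata",
                  ".rsrc", ".reloc", ".tls", ".pdata", ".CRT"}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000

def parse_pe(data):
    """Return (AddressOfEntryPoint, sections) from a PE32 image; minimal, but
    it follows the real header layout so it also works on files from disk."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    nsec, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    opt = e_lfanew + 24                              # optional header
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled here")
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i               # section header i
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        chars, = struct.unpack_from("<I", data, off + 36)
        sections.append({"name": name, "va": va, "vsize": vsize,
                         "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    return entry_rva, sections

def rva_to_offset(sections, rva):
    """Map an RVA to a file offset through the section table."""
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["rawsize"]):
            return s["rawptr"] + (rva - s["va"])
    return None

def entropy(buf):
    """Shannon entropy in bits per byte; packed or encrypted data sits near 8."""
    if not buf:
        return 0.0
    n, counts = len(buf), [0] * 256
    for b in buf:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def looks_like_upx_stub(ep):
    """60 BE ........ 8D BE ........ 57 EB .. : pushad; mov esi,imm32;
    lea edi,[esi+disp32]; push edi; jmp short, the UPX decompressor entry."""
    return (len(ep) >= 15 and ep[0] == 0x60 and ep[1] == 0xBE
            and ep[6:8] == b"\x8d\xbe" and ep[12] == 0x57 and ep[13] == 0xEB)

def triage(data):
    """Static checks that mirror the sandbox signatures listed on the page."""
    entry_rva, sections = parse_pe(data)
    off = rva_to_offset(sections, entry_rva)
    ep = data[off:off + 16] if off is not None else b""
    rwx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE
    return {
        "ep_bytes": ep.hex(),
        "upx_stub": looks_like_upx_stub(ep),
        "unknown_sections": [s["name"] for s in sections
                             if s["name"] not in KNOWN_SECTIONS],
        "rwx_sections": [s["name"] for s in sections
                         if s["chars"] & rwx == rwx],
        "high_entropy_sections": [
            s["name"] for s in sections
            if entropy(data[s["rawptr"]:s["rawptr"] + s["rawsize"]]) > 7.0],
    }

def build_sample():
    """Constructed stand-in (hypothetical, not the real file): a UPX0/UPX1
    PE32 whose entry point starts with the ep_bytes from File Info, followed
    by deterministic pseudo-random filler playing the compressed payload."""
    stub = bytes.fromhex("60be153042008dbeebdffdff57eb0b90")
    filler, h = b"", b"seed"
    while len(filler) < 0x1000:
        h = hashlib.sha256(h).digest()
        filler += h
    upx1 = (stub + filler)[:0x1000]
    hdr = bytearray(0x400)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)          # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    # COFF: i386, 2 sections, no symbols, 0xE0-byte optional header, EXE flags
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = 0x58
    struct.pack_into("<H", hdr, opt, 0x10B)          # PE32 magic
    struct.pack_into("<I", hdr, opt + 16, 0x11000)   # AddressOfEntryPoint
    struct.pack_into("<I", hdr, opt + 28, 0x400000)  # ImageBase
    rwx = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE | 0x40000000
    sec = opt + 0xE0
    struct.pack_into("<8sIIIIIIHHI", hdr, sec,
                     b"UPX0", 0x10000, 0x1000, 0, 0x400, 0, 0, 0, 0, rwx)
    struct.pack_into("<8sIIIIIIHHI", hdr, sec + 40,
                     b"UPX1", 0x1000, 0x11000, 0x1000, 0x400, 0, 0, 0, 0, rwx)
    return bytes(hdr) + upx1

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for key, value in triage(blob).items():
        print(f"{key}: {value}")
```

On the constructed image the stub check fires, both UPX sections are reported as unknown and RWX, and only UPX1 (the one that actually carries data) crosses the entropy threshold. The stub pattern is the same whether UPX was applied by its author or by a crypter that wraps UPX output; a positive hit says only "UPX-style unpacking stub at entry", and the section-name and entropy checks are what separate a benign UPX-compressed tool from a sample that also hides its real sections, as the invalid Authenticode signature and generated version strings on this page do.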

Version Info:

CompanyName: Kiqybnwy Irfuqluj
FileDescription: Kiqybnwy Hwais Sjtrophu
FileVersion: 49, 23, 28, 1
InternalName: Kiqybnwy
LegalCopyright: Copyright © Kiqybnwy Irfuqluj 1995-2009
OriginalFilename: Kiqybnwy.exe
ProductName: Kiqybnwy Hwais Sjtrophu
ProductVersion: 11, 106, 48, 52
Translation: 0x0409 0x04e4

The company, product and file names in this resource are pseudo-random letter strings with no dictionary meaning, and the copyright range (1995-2009) runs past the 2008-10-18 compile timestamp in File Info. Version resources like these are consistent with the packing and crypter indicators listed above rather than with a real vendor's build.

Malware.AI.4274352210 also known as:

Vendors disagree on the family: several name Zbot/Zeus (Kaspersky, ZoneAlarm, Sangfor, Microsoft, Cyren, VBA32), others Qakbot/Pinkslipbot (Symantec, TrendMicro, McAfee, Panda), Kolab or SlenfBot, while many return only a generic packer or heuristic verdict (Kryptik, Gen:Heur.VIZ.2, Crypt.XPACK, AI:Packer). Treat the names as agreement that the file is a packed trojan, not as a definitive family attribution.

Bkav: W32.MosquitoQKK.Fam.Trojan
Elastic: malicious (high confidence)
DrWeb: Trojan.Packed.21467
MicroWorld-eScan: Gen:Heur.VIZ.2
FireEye: Generic.mg.c99ffe0ee77f9b20
CAT-QuickHeal: Worm.SlenfBot.Gen
ALYac: Gen:Heur.VIZ.2
Cylance: Unsafe
Zillya: Worm.Kolab.Win32.5374
Sangfor: Trojan.Win32.Zbot.ZA
K7AntiVirus: Trojan ( f1000f011 )
Alibaba: TrojanPSW:Win32/Kryptik.27cebbf5
K7GW: Trojan ( f1000f011 )
Cybereason: malicious.ee77f9
Arcabit: Trojan.VIZ.2
BitDefenderTheta: AI:Packer.87FE560521
VirIT: Trojan.Win32.Generic.ALHA
Cyren: W32/Zbot.CN.gen!Eldorado
Symantec: W32.Qakbot!gen5
ESET-NOD32: a variant of Win32/Kryptik.LJO
TrendMicro-HouseCall: BKDR_QAKBOT.SMG
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Zbot.aabbj
BitDefender: Gen:Heur.VIZ.2
NANO-Antivirus: Trojan.Win32.Kolab.ciduv
SUPERAntiSpyware: Trojan.Agent/Gen-Cryptic
Avast: Win32:Kryptik-APZ [Trj]
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ad-Aware: Gen:Heur.VIZ.2
Emsisoft: Gen:Heur.VIZ.2 (B)
Comodo: TrojWare.Win32.TrojanSpy.Zbot.G@2tckk5
VIPRE: Trojan.Win32.Kryptik.mcf (v)
TrendMicro: BKDR_QAKBOT.SMG
McAfee-GW-Edition: W32/Pinkslipbot.gen.af
Sophos: Mal/Generic-S + Mal/FakeAV-IU
Ikarus: Backdoor.Win32.Rbot
Jiangmin: Worm/Kolab.gyf
Webroot: W32.Malware.Gen
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.CFCC41
Microsoft: PWS:Win32/Zbot!ml
ViRobot: Worm.Win32.A.Net-Kolab.136192.D
ZoneAlarm: Trojan-Spy.Win32.Zbot.aabbj
GData: Gen:Heur.VIZ.2
McAfee: W32/Pinkslipbot.gen.af
MAX: malware (ai score=100)
VBA32: Trojan.Zeus.EA.0999
Malwarebytes: Malware.AI.4274352210
APEX: Malicious
Tencent: Malware.Win32.Gencirc.114c757f
Yandex: Trojan.GenAsa!6PQm0jGs8mw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1779196.susgen
Fortinet: W32/Kryptik.NAS!tr
AVG: Win32:Kryptik-APZ [Trj]
Panda: Bck/Qbot.AO
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.4274352210?

Malware.AI.4274352210 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Select “Move to quarantine” for all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.