Malware.AI.4265518222 (file analysis)

Malware Removal

Malware.AI.4265518222 is the name Malwarebytes gives this detection; most of the engines listed further down flag the same file as malicious or potentially unwanted, so it should be treated as dangerous. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can Malware.AI.4265518222 do?

  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
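Several of the indicators above (unknown PE section name, ASPack packing, encrypted or compressed data) are static properties you can re-derive from the file bytes yourself before trusting a vendor label. The script below is an added example written for this page, not GridinSoft's or CAPE's code: it walks the PE headers with only the standard library, measures per-section Shannon entropy, flags section names outside the usual set, and checks whether the entry point begins with the ASPack 2.x stub whose bytes the File Info section reports (`60 E8 03 00 00 00 E9 EB 04 5D 45 55 C3 E8 01`). The entropy threshold, the list of "common" section names and the constructed sample PE are this example's own assumptions; the sample is built in memory and is not the analysed file.

```python
import math
import random
import struct

# Entry-point bytes this page reports (ep_bytes); the first 15 bytes are the classic
# ASPack 2.x entry stub (pushad / call $+8 / ... / pop ebp / inc ebp / push ebp / ret).
ASPACK_EP_PREFIX = bytes.fromhex("60e803000000e9eb045d4555c3e801")

# Section names a conventionally linked PE carries (assumed list for this example).
# Packers add their own (ASPack: ".aspack" and ".adata"; UPX: "UPX0"/"UPX1"), which is
# what the "unknown PE section name" indicator above is keyed on.
COMMON_SECTION_NAMES = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc",
                        ".reloc", ".bss", ".tls", ".pdata", ".CRT", ".debug"}
HIGH_ENTROPY = 7.0  # bits per byte (assumed threshold); compressed or encrypted data sits near 8.0


def shannon_entropy(data):
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def parse_pe(pe):
    """Walk the DOS, COFF and optional headers; return (entry_rva, section list)."""
    if pe[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe, coff)
    opt = coff + 20
    (entry_rva,) = struct.unpack_from("<I", pe, opt + 16)  # AddressOfEntryPoint (same offset in PE32 and PE32+)
    table = opt + opt_size
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", pe, table + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vaddr": vaddr,
                         "vsize": vsize, "rawptr": rawptr, "rawsize": rawsize,
                         "entropy": shannon_entropy(pe[rawptr:rawptr + rawsize])})
    return entry_rva, sections


def section_for_rva(rva, sections):
    """Section whose virtual range contains rva, or None."""
    for s in sections:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            return s
    return None


def triage(pe):
    """Static indicators of the kind listed above, computed from the raw file bytes."""
    entry_rva, sections = parse_pe(pe)
    ep_sec = section_for_rva(entry_rva, sections)
    ep_bytes = b""
    if ep_sec is not None:
        off = ep_sec["rawptr"] + (entry_rva - ep_sec["vaddr"])
        ep_bytes = pe[off:off + 16]
    return {
        "ep_bytes": ep_bytes.hex(),
        "ep_section": ep_sec["name"] if ep_sec else None,
        "aspack_ep": ep_bytes.startswith(ASPACK_EP_PREFIX),
        "unknown_sections": [s["name"] for s in sections if s["name"] not in COMMON_SECTION_NAMES],
        "high_entropy_sections": [s["name"] for s in sections if s["entropy"] >= HIGH_ENTROPY],
        "entry_outside_text": ep_sec is None or ep_sec["name"] != ".text",
    }


def build_sample_pe():
    """Constructed two-section PE32 (not a real sample): the entry point sits in an
    ".aspack" section that starts with the ASPack stub and continues with pseudo-random
    filler standing in for the compressed payload; ".text" is low-entropy filler."""
    rng = random.Random(2020)
    text = b"\x55\x8b\xec" + b"\x90" * (0x200 - 4) + b"\xc3"
    aspack = ASPACK_EP_PREFIX + b"\x00" + bytes(rng.randrange(256) for _ in range(0x1000 - 16))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 1604346953, 0, 0, 224, 0x0102)  # i386, 2 sections, PE32 optional header
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                                    # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2000)                                  # entry point RVA -> .aspack
    secs = struct.pack("<8sIIIIIIHHI", b".text", len(text), 0x1000, len(text), 0x200, 0, 0, 0, 0, 0x60000020)
    secs += struct.pack("<8sIIIIIIHHI", b".aspack", len(aspack), 0x2000, len(aspack), 0x400, 0, 0, 0, 0, 0xE0000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + secs
    return headers + b"\0" * (0x200 - len(headers)) + text + aspack


if __name__ == "__main__":
    for key, value in triage(build_sample_pe()).items():
        print(f"{key}: {value}")
```

Run `triage(open(path, "rb").read())` against a real file to get the same dictionary. A high-entropy section that also hosts the entry point and carries a non-standard name is the usual packer signature; unpack (or let the sandbox dump memory) before judging imports or strings, because the static view of a packed file says almost nothing about what it does.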

How to identify Malware.AI.4265518222?

File Info:

name: E60FF8A94E6D5E3BD922.mlw
path: /opt/CAPEv2/storage/binaries/d5bc9388e466f6cc020b5c32f12b133d0b1ecd3a4c8cc2e4beaca08003627ad8
crc32: 515FA6FE
md5: e60ff8a94e6d5e3bd922a5d3cac6d4ce
sha1: 717d7a74c82fe054187e0ea17b387f6e9e7d9a0a
sha256: d5bc9388e466f6cc020b5c32f12b133d0b1ecd3a4c8cc2e4beaca08003627ad8
sha512: 59e1b185c76b2d33114809f84cee3e317bab390b59b7f8dd84a63bcd4364157b5f9f4bcb35fb14451e9a96934e787f0f8476126919f3dfe115d06204f873d331
ssdeep: 49152:eRjiXQp9Nty47bCRO4Gdk50jhKRYgGWeI+64IrnqfQdvgJ+yDZs:eRjiiDP7OE/dk5shFgG0OAvgJjDZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EAD5332DC5CC8E82E40621B7185E29993A156C60275A3DC5B5F636BBEFB721A10FC34F
sha3_384: df223e362bacc9530a4480b2b7fff76c1c75cfd45afadce5d2fd75ac8a84ab5772e2cb0c052899eeacf7701a77baf43d
ep_bytes: 60e803000000e9eb045d4555c3e80100 (the first 15 bytes match the entry stub of ASPack 2.x, consistent with the packer indicator above)
timestamp: 2020-11-02 19:55:53 (PE header compile timestamp; easily forged, so treat it as a hint only)

Version Info:

0: [No Data] (the binary carries no version resource)
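The hashes above are the only reliable way to confirm that a file on a host is this sample. The script below is an added example, not part of the original page or of any vendor's tooling: it streams each file once, computes the crc32, md5, sha1 and sha256 listed in File Info, and reports which of them match. ssdeep and tlsh are left out because they need fuzzy-hash packages outside the standard library; everything else is stdlib only. The `PAGE_IOCS` table is copied from File Info; the scan root and the test input are this example's own.

```python
import hashlib
import io
import os
import zlib

# Hash values reported on this page for the sample (crc32 normalised to lowercase).
# sha256 is the one to rely on; crc32 and md5 are kept only because other reports
# and tooling still quote them.
PAGE_IOCS = {
    "crc32": "515fa6fe",
    "md5": "e60ff8a94e6d5e3bd922a5d3cac6d4ce",
    "sha1": "717d7a74c82fe054187e0ea17b387f6e9e7d9a0a",
    "sha256": "d5bc9388e466f6cc020b5c32f12b133d0b1ecd3a4c8cc2e4beaca08003627ad8",
}


def digest_stream(fh, chunk=1 << 20):
    """Read a binary stream once and compute every digest in PAGE_IOCS."""
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    crc = 0
    for block in iter(lambda: fh.read(chunk), b""):
        crc = zlib.crc32(block, crc)
        md5.update(block)
        sha1.update(block)
        sha256.update(block)
    return {"crc32": "%08x" % (crc & 0xFFFFFFFF), "md5": md5.hexdigest(),
            "sha1": sha1.hexdigest(), "sha256": sha256.hexdigest()}


def digest_bytes(data):
    """Same digests for an in-memory byte string."""
    return digest_stream(io.BytesIO(data))


def match_iocs(digests, iocs=PAGE_IOCS):
    """Names of the hashes that agree with the report. A sha256 hit is a confirmed
    match; a crc32 (or md5) hit on its own is a collision candidate worth a second
    look, not proof."""
    return {k for k, v in iocs.items() if digests.get(k, "").lower() == v.lower()}


def scan_tree(root, iocs=PAGE_IOCS):
    """Yield (path, matched hash names) for every regular file under root that matches
    at least one IOC; unreadable files are skipped rather than aborting the scan."""
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    hits = match_iocs(digest_stream(fh), iocs)
            except OSError:
                continue
            if hits:
                yield path, hits


if __name__ == "__main__":
    import sys
    # Assumed usage: python scan.py <directory>; defaults to the current directory.
    for path, hits in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(path, sorted(hits))
```

Point `scan_tree` at a user profile or download directory rather than the whole disk to keep the run short; a file that matches only on crc32 should be re-checked by sha256 before any removal action is taken.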

Malware.AI.4265518222 is also known as (vendor: detection name):

Lionic: Trojan.Win32.Graftor.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Graftor.871380
FireEye: Generic.mg.e60ff8a94e6d5e3b
CAT-QuickHeal: Risktool.Flystudio.18570
ALYac: Gen:Variant.Graftor.871380
Malwarebytes: Malware.AI.4265518222
VIPRE: Gen:Variant.Graftor.871380
Sangfor: Trojan.Win32.FlyStudio.Va3v
K7AntiVirus: Adware ( 005071f51 )
K7GW: Adware ( 005071f51 )
Cybereason: malicious.94e6d5
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Apost-10001460-0
BitDefender: Gen:Variant.Graftor.871380
NANO-Antivirus: Trojan.Win32.APosT.icrqvt
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10bd13d3
Emsisoft: Gen:Variant.Graftor.871380 (B)
F-Secure: Heuristic.HEUR/AGEN.1355777
DrWeb: Trojan.PWS.Wsgame.54489
Zillya: Trojan.APosT.Win32.1752
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Win32.Application.PSE.18M7LFX
Jiangmin: Trojan.APosT.alo
Avira: HEUR/AGEN.1355777
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Win32.FlyStudio.a
Xcitium: Worm.Win32.Dropper.RA@1qraug
Arcabit: Trojan.Graftor.DD4BD4
Microsoft: Trojan:Win32/Wacatac.A!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.RL_Reputation.R362640
McAfee: Artemis!E60FF8A94E6D
VBA32: Trojan.APosT
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002H0CBJ23
Rising: Trojan.APosT!8.E271 (TFE:5:lBEvX4nz9aB)
Yandex: Trojan.GenAsa!fW8zO9lAocw
MaxSecure: Trojan.Malware.113660775.susgen
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Malware.AI.4265518222?

Malware.AI.4265518222 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.