
About “Malware.AI.4212013839” infection


Malware.AI.4212013839 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4212013839 virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4212013839?


File Info:

name: EAC0FA3312DFB0B39CF7.mlw
path: /opt/CAPEv2/storage/binaries/ac1810aea742ed88c67816c9589a0aa2ec1c062401bfe45b1d3e9230be7998ef
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-07-21 04:26:18

Version Info:

Translation: 0x0809 0x04b0

Malware.AI.4212013839 also known as:

Bkav: W32.Common.00F2AB75
Lionic: Trojan.Win32.Generic.4!c
Skyhigh: BehavesLike.Win32.Injector.dh
Malwarebytes: Malware.AI.4212013839
Sangfor: Trojan.Win32.Agent.Vai6
Elastic: malicious (moderate confidence)
APEX: Malicious
Alibaba: TrojanDownloader:Win32/Generic.3aa04a76
Sophos: Generic ML PUA (PUA)
Webroot: W32.Malware.Gen
McAfee: RDN/Generic.dx
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06K323
SentinelOne: Static AI – Malicious PE
Fortinet: PossibleThreat.PALLAS.H
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.4212013839?

Malware.AI.4212013839 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
