What is “AIT:Trojan.Nymeria.4511”?

AIT:Trojan.Nymeria.4511 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the AIT:Trojan.Nymeria.4511 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify AIT:Trojan.Nymeria.4511?


File Info:

name: 3D16482BB98C8EF858E8.mlw
path: /opt/CAPEv2/storage/binaries/13b7e37ad12430072a5a795644246d9c1ee39e2a2e7a8ae50d5b28312ec59089
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-01-30 12:49:53

Version Info:

CompanyName: Rifbot
FileDescription: Rifbot
FileVersion: 2.0.6
LegalCopyright: © Rifbot
LegalTrademarks: Trademark Rifbot'
OriginalFilename: Rifbot.exe
ProductName: Rifbot
ProductVersion: 2.0.6
Translation: 0x0809 0x04b0

AIT:Trojan.Nymeria.4511 also known as:

Bkav: W32.AIDetect.malware1
MicroWorld-eScan: AIT:Trojan.Nymeria.4511
FireEye: AIT:Trojan.Nymeria.4511
Cybereason: malicious.bb98c8
Cyren: W32/AutoIt.QZ.gen!Eldorado
ClamAV: Win.Dropper.Nanocore-9906889-0
BitDefender: AIT:Trojan.Nymeria.4511
Ad-Aware: AIT:Trojan.Nymeria.4511
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.tc
Emsisoft: AIT:Trojan.Nymeria.4511 (B)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: AIT:Trojan.Nymeria.4511 (2x)
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Nymeria.C4218016
VBA32: Trojan.Autoit.Wirus
ALYac: AIT:Trojan.Nymeria.4511
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.1902921949
APEX: Malicious
eGambit: Unsafe.AI_Score_60%
CrowdStrike: win/malicious_confidence_60% (D)

How to remove AIT:Trojan.Nymeria.4511?

AIT:Trojan.Nymeria.4511 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
