Malware.AI.1006959321 (file analysis)

Malware Removal

Malware.AI.1006959321 is the Malwarebytes machine-learning detection name for this sample. Of the 31 engines listed below, all flag the file, most with generic or ML-based verdicts (Gen:Variant.Bulz, Trojan:Win32/Wacatac.B!ml, Static AI) rather than a named family. While the sample runs you may notice an unfamiliar process in Task Manager; the file presents itself as UCViewKioskSetup.exe. In that case, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system if the wrong files are deleted. We recommend GridinSoft Anti-Malware for removal; the trial lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can Malware.AI.1006959321 do?

The CAPE sandbox raised the following signatures on the sample. They describe static properties of the file and what the sandbox observed, not a confirmed payload:

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Malware.AI.1006959321?

The indicators below come from CAPE's static analysis of the sample. Match on the hashes (sha256 is the one to use) rather than on the file name or the version resource, both of which a repackaged build changes freely. The entry-point bytes ff 25 00 20 40 00 are a jmp through the import table at 0x402000, the stub a .NET executable uses to hand control to the CLR; together with the Assembly Version field this marks the file as a managed (.NET) binary, so the "PE32 ... Intel 80386" type string describes only the native loader stub. The compile timestamp of 2085-10-16 is what the timestomping signature refers to.

File Info:

name: ADA680890FB1C6BA9F5C.mlw
path: /opt/CAPEv2/storage/binaries/30547802a62bcf535fe64ae13e48342c30e38846a846603e000e6048f60953ad
crc32: 7E7810AC
md5: ada680890fb1c6ba9f5c6ef886f9d79d
sha1: b9d3b9225dcdcab6f9eecc359585112e7f9cc49b
sha256: 30547802a62bcf535fe64ae13e48342c30e38846a846603e000e6048f60953ad
sha512: 52c05a7c04f5e2eddcb595465d1d2934cf1dadc5eb4dc53a21bb921fb02f8a3438b09bc28e53830c087dbe65d579bff0e92b51c0c4992865b2188986ff1da208
ssdeep: 24576:VbbKr6CazPIk5BkAY0RBBKZW5DFR062k2B:V/o6P5cT0DoZWPR8
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1510522101375162DEE3603BDD478E036EA7F6E6A5822825C65E3BD67BA313853CC13D5
sha3_384: 1b1159e38c8208ba8777c23fe50f4336e5c1cdc67544aee1ced2bbf4555011737a27a91bee952fcf7ea257fc4e88f9c1
ep_bytes: ff250020400000000000000000000000
timestamp: 2085-10-16 15:48:21
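The timestamp and type fields above are read straight from the COFF header, and the "timestomping" signature is essentially a plausibility check on that one field. The script below is an added example, not CAPE's or GridinSoft's code: it parses a PE header the same way, rates the compile timestamp, and compares the file's sha256 against the hash published in this report. The PE image it analyses is constructed inline to reproduce the header values shown (PE32, i386, TimeDateStamp for 2085-10-16 15:48:21); it is a bare header, not the real sample, so its hash deliberately does not match the report. The verdict labels and the 1995 cut-off are this example's own choices.

```python
"""Added example: static triage of a PE header (timestamp plausibility + IOC hash match).

Not CAPE's or GridinSoft's code. SAMPLE_PE is CONSTRUCTED to carry the header
values the report shows; it is not the analysed file and its hash will not match.
"""
import calendar
import hashlib
import struct
from datetime import datetime, timezone
from typing import Optional, Tuple

# sha256 published in the report above: the IOC a responder should match on.
REPORT_SHA256 = "30547802a62bcf535fe64ae13e48342c30e38846a846603e000e6048f60953ad"

IMAGE_FILE_MACHINE_I386 = 0x14C
PE32_MAGIC = 0x10B  # optional-header magic for a 32-bit image (0x20B is PE32+)


def build_minimal_pe(timestamp: int, machine: int = IMAGE_FILE_MACHINE_I386) -> bytes:
    """Construct DOS header + 'PE\\0\\0' + COFF header + optional-header magic (demo input)."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # COFF fields: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    #              NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff_header = struct.pack("<HHIIIHH", machine, 0, timestamp, 0, 0, 2, 0x0102)
    return dos_header + b"PE\0\0" + coff_header + struct.pack("<H", PE32_MAGIC)


def parse_pe_header(data: bytes) -> dict:
    """Return Machine, TimeDateStamp and the optional-header magic of a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    machine, _nsec, ts, _, _, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4
    )
    magic = None
    if opt_size >= 2 and len(data) >= e_lfanew + 26:
        magic = struct.unpack_from("<H", data, e_lfanew + 24)[0]
    return {"machine": machine, "timestamp": ts, "optional_magic": magic}


def timestamp_verdict(ts: int, now_epoch: int, earliest_year: int = 1995) -> Tuple[str, datetime]:
    """Classify a COFF TimeDateStamp as zeroed, future, implausibly_old or plausible."""
    when = datetime.fromtimestamp(ts, tz=timezone.utc)
    if ts == 0:
        return "zeroed", when
    if ts > now_epoch:
        # A future date is the classic timestomping tell. Caveat: .NET compilers in
        # deterministic mode store a content hash in this field, which also yields
        # nonsense dates, so corroborate with other indicators before concluding.
        return "future", when
    if when.year < earliest_year:
        return "implausibly_old", when
    return "plausible", when


def triage(data: bytes, now_epoch: Optional[int] = None) -> dict:
    """Header fields, a timestamp verdict, and whether sha256 matches the report IOC."""
    if now_epoch is None:
        now_epoch = int(datetime.now(timezone.utc).timestamp())
    header = parse_pe_header(data)
    verdict, when = timestamp_verdict(header["timestamp"], now_epoch)
    sha256 = hashlib.sha256(data).hexdigest()
    return {
        **header,
        "is_pe32": header["optional_magic"] == PE32_MAGIC,
        "compiled": when.strftime("%Y-%m-%d %H:%M:%S"),
        "timestamp_verdict": verdict,
        "sha256": sha256,
        "matches_report": sha256 == REPORT_SHA256,
    }


# Constructed sample: header values from the report, 2085-10-16 15:48:21 UTC.
SAMPLE_TIMESTAMP = calendar.timegm((2085, 10, 16, 15, 48, 21))
SAMPLE_PE = build_minimal_pe(SAMPLE_TIMESTAMP)

if __name__ == "__main__":
    for key, value in triage(SAMPLE_PE).items():
        print(f"{key}: {value}")
```

On a real file, call `triage(open(path, "rb").read())`; a "future" or "zeroed" verdict is a reason to look closer, not a conviction on its own, since deterministic .NET builds produce odd timestamps legitimately and this sample is a managed binary. The "Authenticode signature is invalid" signature is a separate check (parsing the security directory and validating the PKCS#7 blob) that this example does not cover.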

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: UCViewKioskSetup
FileVersion: 1.0.0.0
InternalName: UCViewKioskSetup.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: UCViewKioskSetup.exe
ProductName: UCViewKioskSetup
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.1006959321 is also known as (engine: detection name):

Lionic: Trojan.Win32.Bulz.4!c
MicroWorld-eScan: Gen:Variant.Bulz.518705
CAT-QuickHeal: Trojan.AgentFC.S24736446
McAfee: RDN/Generic.tfr
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Zpevdo.B
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R011C0PIO21
BitDefender: Gen:Variant.Bulz.518705
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Bulz.518705
TrendMicro: TROJ_GEN.R011C0PIO21
McAfee-GW-Edition: RDN/Generic.tfr
FireEye: Gen:Variant.Bulz.518705
Emsisoft: Gen:Variant.Bulz.518705 (B)
GData: Gen:Variant.Bulz.518705
Webroot: W32.Adware.Gen
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.34A0210
Arcabit: Trojan.Bulz.D7EA31
ViRobot: Trojan.Win32.Z.Bulz.873472
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.Generic.C4677197
ALYac: Gen:Variant.Bulz.518705
Malwarebytes: Malware.AI.1006959321
APEX: Malicious
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
AVG: Win32:TrojanX-gen [Trj]

How to remove Malware.AI.1006959321?

Malware.AI.1006959321 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.