How to remove “Malware.AI.1054844854”?

Malware.AI.1054844854 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1054844854 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Malware.AI.1054844854?


File Info:

name: 04C17E9133939C5ED210.mlw
path: /opt/CAPEv2/storage/binaries/975ea60775bc1a558dd7d00bc22f4e176d4bdcda0c7992106b867863314d44ea
crc32: EA8E749E
md5: 04c17e9133939c5ed21042629c5dcc4b
sha1: 361b0a839ee2e1fdc354ffe65656a1f9cb7eaf95
sha256: 975ea60775bc1a558dd7d00bc22f4e176d4bdcda0c7992106b867863314d44ea
sha512: f8315dd8e4dc537ec36d049ff36f03b8ef043882c26105ae5e8d050d451499fffc9ed470c1665faa662ac4817b9d4215b1b6034c1ecdeb690e4ca3e498cd077d
ssdeep: 3072:QxKsZYSo/fWxJYwExxusHwadMX0sQ84O1s4N27PBEtFjjUcsFP84K6yXX7:2KHfWxJYw4xusHwsY0sQe2WuPxnyXX7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A464C77E7BA446A5D42C21703AA2F3D1196178496E639F423620F3A456BBDA13C1CFCF
sha3_384: a5045277d1a766898498396158ff82ec5ade0954661e841e93b52cc4b106c7f369017a2aad5ca914660fba5f86317d58
ep_bytes: 683c134000e8f0ffffff000000000000
timestamp: 2012-05-11 04:58:03

Version Info:

Translation: 0x0409 0x04b0
ProductName: gowkpewgeud
FileVersion: 9.07.0007
ProductVersion: 9.07.0007
InternalName: zsazpudaszod
OriginalFilename: zsazpudaszod.exe

Malware.AI.1054844854 also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Barys.2644
FireEye: Generic.mg.04c17e9133939c5e
CAT-QuickHeal: Trojan.JorikMF.S19993789
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.vb
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: EmailWorm ( 003c363a1 )
K7AntiVirus: EmailWorm ( 003c363a1 )
Arcabit: Trojan.Barys.DA54
BitDefenderTheta: Gen:NN.ZevbaF.36250.tm0@aW@6iebi
VirIT: Trojan.Win32.Zyx.KK
Cyren: W32/Vobfus.O.gen!Eldorado
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Pronny.AQ
APEX: Malicious
ClamAV: Win.Trojan.Vobfus-55
Kaspersky: Trojan.Win32.Jorik.Vobfus.ctsv
BitDefender: Gen:Variant.Barys.2644
NANO-Antivirus: Trojan.Win32.Jorik.crsvfp
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:Pronny-I [Trj]
Tencent: Worm.Win32.Vobfus.n
TACHYON: Trojan/W32.Jorik.319488
Emsisoft: Gen:Variant.Barys.2644 (B)
Baidu: Win32.Worm.Pronny.gn
F-Secure: Trojan.TR/Barys.2492589
DrWeb: Win32.HLLW.Autoruner1.16113
VIPRE: Gen:Variant.Barys.2644
TrendMicro: WORM_VB.SMGAT
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.fm
Trapmine: malicious.high.ml.score
Sophos: Mal/VBCheMan-J
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Jorik.goaj
Google: Detected
Avira: TR/Barys.2492589
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: Worm.Win32.Pronny.AK@4ogvoo
Microsoft: Worm:Win32/Vobfus.FA
ZoneAlarm: Trojan.Win32.Jorik.Vobfus.ctsv
GData: Win32.Trojan.PSE.10T9JN3
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Jorik.R24837
Acronis: suspicious
McAfee: VBObfus.dv
MAX: malware (ai score=81)
VBA32: Trojan.Vobfus
Malwarebytes: Malware.AI.1054844854
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VB.SMGAT
Rising: Worm.Pronny!1.AE42 (CLASSIC)
Yandex: Trojan.GenAsa!HkTYGOaejjo
Ikarus: Trojan.Win32.Jorik
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Jorik.EGLG!tr
AVG: Win32:Pronny-I [Trj]
DeepInstinct: MALICIOUS

How to remove Malware.AI.1054844854?

Malware.AI.1054844854 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
