Malware.AI.1141920402 removal

Malware.AI.1141920402 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1141920402 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • A process created a hidden window
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.1141920402?


File Info:

name: 6377480513891766DA62.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-06-21 03:55:30

Version Info:

CompanyName:
FileDescription: FormatTool Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: FormatTool
LegalCopyright: 版权所有 (C) 2011
LegalTrademarks:
OriginalFilename: FormatTool.EXE
ProductName: FormatTool 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Malware.AI.1141920402 also known as:

Lionic: Virus.Win32.Doina.n!c
MicroWorld-eScan: Gen:Variant.Doina.12016
FireEye: Gen:Variant.Doina.12016
McAfee: Artemis!637748051389
Cylance: Unsafe
Sangfor: Trojan.Win32.Trickbot.ml
Alibaba: Virus:Win32/Virut.f3ca79cf
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
BitDefender: Gen:Variant.Doina.12016
Avast: Win32:Dh-A [Heur]
Ad-Aware: Gen:Variant.Doina.12016
Emsisoft: Gen:Variant.Doina.12016 (B)
McAfee-GW-Edition: BehavesLike.Win32.Virus.fm
GData: Gen:Variant.Doina.12016
Webroot: W32.Trojan.Gen
Arcabit: Trojan.Doina.D2EF0
Microsoft: Trojan:Win32/Emotet!ml
ALYac: Gen:Variant.Doina.12016
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.1141920402
TrendMicro-HouseCall: TROJ_GEN.R002H09J521
Yandex: Trojan.GenAsa!2eoLcrfauz8
Fortinet: W32/PossibleThreat
AVG: Win32:Dh-A [Heur]

How to remove Malware.AI.1141920402?

Malware.AI.1141920402 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
