
Malware.AI.1235669609 malicious file


Malware.AI.1235669609 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1235669609 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Creates a copy of itself
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1235669609?

File Info:

name: 30A74B0C954D80FB01C1.mlw
path: /opt/CAPEv2/storage/binaries/64daef567ecd134bb5ff55f66db5bcc6fe57413d4a51734a40b2fe5b304e52f7
crc32: 61097CB9
md5: 30a74b0c954d80fb01c191c6058dc5be
sha1: e05969f5ad0715cc889cae47a5836a1ca4d1ffbf
sha256: 64daef567ecd134bb5ff55f66db5bcc6fe57413d4a51734a40b2fe5b304e52f7
sha512: 4332ec68738845954ecc85cfded60a2e9ff5b2f77e4e3803c9847197ded2102e822e44af881bd2af5bd9d91c6a05748e2c33585a431d4f47e459ffbd3ad10f98
ssdeep: 6144:xYJujsfLBFBWKV2TTvHfYgkUUyTAcQ04HJ5Oc3ci:xSuOLBFfVe/fYbUUcAm4p5Nf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1044412A9A74207B5C14706B331877CC6970FD1BBB37E88B4744A400D136BE6CA7BB699
sha3_384: d6c5991466e34edc38583e1d964b9a30692cc1add9ad0d0985ae779f50a29c34c5fff9f547278fa46552acee885431b7
ep_bytes: b9000000005021d25e525b5642bab68e
timestamp: 1972-09-27 00:00:00

Version Info:

0: [No Data]

Malware.AI.1235669609 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Khalesi.4!c
DrWeb: Trojan.Packed2.43250
MicroWorld-eScan: Gen:Variant.Zusy.456962
Skyhigh: BehavesLike.Win32.Generic.dc
McAfee: Artemis!30A74B0C954D
Malwarebytes: Malware.AI.1235669609
Zillya: Trojan.Kryptik.Win32.4356407
Sangfor: Trojan.Win32.Kryptik.Vnva
K7AntiVirus: Trojan ( 0056e8c71 )
Alibaba: Trojan:Win32/Khalesi.245a5116
K7GW: Trojan ( 0056e8c71 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Trojan.Zusy.D6F902
BitDefenderTheta: Gen:NN.ZexaF.36680.qmY@a8b5pQm
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HTAQ
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Generickdz-10014246-0
Kaspersky: HEUR:Trojan.Win32.Khalesi.pef
BitDefender: Gen:Variant.Zusy.456962
Avast: Win32:TrojanX-gen [Trj]
Rising: Trojan.Kryptik!1.D12D (CLASSIC)
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Crypt.ZPACK.Gen
VIPRE: Gen:Variant.Zusy.456962
TrendMicro: TROJ_GEN.R002C0WK223
Emsisoft: Gen:Variant.Zusy.456962 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Copak.yyc
Varist: W32/Kryptik.JPJ.gen!Eldorado
Avira: TR/Crypt.ZPACK.Gen
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Win32.Kryptik
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan.Win32.Khalesi.pef
GData: Gen:Variant.Zusy.456962
Google: Detected
VBA32: BScope.Trojan.Wacatac
Cylance: unsafe
Panda: Trj/Chgt.AC
TrendMicro-HouseCall: TROJ_GEN.R002C0WK223
Tencent: Malware.Win32.Gencirc.13f41503
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.FFP!tr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.5ad071
DeepInstinct: MALICIOUS

How to remove Malware.AI.1235669609?

Malware.AI.1235669609 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
