Malware.AI.1257589065 removal

Malware.AI.1257589065 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1257589065 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump / dropped files / CAPE
  • Creates RWX memory
  • Guard page use detected – possible anti-debugging
  • A process attempted to delay the analysis task
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup
  • CAPE detected the njRat malware family
  • Creates a copy of itself

How to identify Malware.AI.1257589065?

File Info:

name: 3723CAAC6D4B84DEE623.mlw
path: /opt/CAPEv2/storage/binaries/573fe6efd8e99780804b36d42913eefdf87db56396ed39abfe8c20621abd4d87
crc32: 5F68B0BE
md5: 3723caac6d4b84dee623a0e4b26da435
sha1: 399889e0134adb01c753f76a0aaf52d943886f13
sha256: 573fe6efd8e99780804b36d42913eefdf87db56396ed39abfe8c20621abd4d87
sha512: 26a91f1c1fbb811f3768b42729ccb635eb81adc0a23bb22f9a77427c52b9d3965be6e3708e56f87e1d46862c5dcdbbf0623a2fbe2bc2479be660a91fd0ef440e
ssdeep: 6144:LFqW4JfPxRKoE/weOR/O19ALNSQ9hpJ1Ng:Z8JfP5gwxRODARM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17E64D0383BE84451E5F90BB56CB141A65EB1FE11B503D3EE251628E97F12388CF136AB
sha3_384: f8316aa65e04157f882b12a9c5e789f91e3aacfe729ac0a389ed661fbbf9f1736380800c0d84d7e30751defaa475cad3
ep_bytes: ff250040440000fe0400691296503422
timestamp: 2022-06-20 01:14:24

Version Info:

0: [No Data]

Malware.AI.1257589065 is also known as (vendor: detection name):

Bkav: W32.AIDetectNet.01
Elastic: Windows.Trojan.Njrat
ClamAV: Win.Packed.Generic-9795615-0
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
McAfee: Trojan-FIDH!3723CAAC6D4B
Malwarebytes: Malware.AI.1257589065
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 7000001c1 )
BitDefender: Generic.MSIL.Bladabindi.DCEDEC22
K7GW: Trojan ( 7000001c1 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/Trojan.BVX.gen!Eldorado
ESET-NOD32: a variant of MSIL/Bladabindi.LX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
MicroWorld-eScan: Generic.MSIL.Bladabindi.DCEDEC22
Tencent: Trojan.Win32.Bladabindi.16000442
Ad-Aware: Generic.MSIL.Bladabindi.DCEDEC22
Emsisoft: Generic.MSIL.Bladabindi.DCEDEC22 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.3723caac6d4b84de
Sophos: ML/PE-A + Mal/VMProtBad-A
Ikarus: PUA.VMProtect
GData: MSIL.Backdoor.Agent.AXJ
Avira: TR/Dropper.Gen
Arcabit: Generic.MSIL.Bladabindi.DCEDEC22
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Backdoor:MSIL/Bladabindi.BN
AhnLab-V3: Trojan/Win32.RL_Generic.C4262935
Acronis: suspicious
ALYac: Generic.MSIL.Bladabindi.DCEDEC22
MAX: malware (ai score=87)
Cylance: Unsafe
Rising: Backdoor.njRAT!1.A096 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Bladabindi.LX!tr
BitDefenderTheta: Gen:NN.ZemsilF.34742.tqW@aWHtfvi
AVG: Win32:RATX-gen [Trj]
Cybereason: malicious.c6d4b8
Avast: Win32:RATX-gen [Trj]

How to remove Malware.AI.1257589065?

Malware.AI.1257589065 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.