Malware.AI.13029454 removal guide

Malware.AI.13029454 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.13029454 virus do?

  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Malware.AI.13029454?


File Info:

name: 43ACF6DC7ECDB957341B.mlw
path: /opt/CAPEv2/storage/binaries/b703bb475826697d5baa3c67732309a4cbcc72a37f95dce6185f27d8f4448ea5
crc32: E6ECDC61
md5: 43acf6dc7ecdb957341b787cccdc419e
sha1: 2fc776f9f72380c3c93055f8ba55f01048c30642
sha256: b703bb475826697d5baa3c67732309a4cbcc72a37f95dce6185f27d8f4448ea5
sha512: 41437e9ca58031011e8dfc21bc4a4aeb20bb8bdecc4b10345f068688b91edb12df7504c3159a482ffa030059201c314adedc97283dddaceadf452726635810a3
ssdeep: 98304:w2tE8/kcktWP2BMFA7HKktWP2BMFA7HIk+:w2h8WPmHK8WPmHI9
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T120F5010123C0D77BFDD6297F5F33D25312AF2B8477A5AE9A1D01165E7A12A4324E3A0E
sha3_384: 96cbef343dcd89af16e6d45bd608b9e127f56bafc54713ec24e9f044e58782160d4c9f1b22caf2761300eca35ccc1569
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2046-02-06 22:17:52

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Google Chrome
FileVersion: 1.0.0.0
InternalName: Regiment-Changer.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Regiment-Changer.exe
ProductName: ModernWarfare
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.13029454 also known as:

Lionic: Trojan.Win32.Bulz.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.607252
FireEye: Generic.mg.43acf6dc7ecdb957
ALYac: Gen:Variant.Bulz.607252
Cylance: Unsafe
Zillya: Trojan.VMProtect.Win32.52400
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00574e2d1 )
Alibaba: Packed:MSIL/VMProtect.2100e017
K7GW: Trojan ( 00574e2d1 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of MSIL/Packed.VMProtect.C suspicious
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.Bulz.607252
Ad-Aware: Gen:Variant.Bulz.607252
Sophos: Mal/Generic-R + Mal/VMProtBad-A
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win64.Trojan.wc
Emsisoft: Gen:Variant.Bulz.607252 (B)
Ikarus: Trojan-Downloader.MSIL.Agent
GData: Gen:Variant.Bulz.607252
Avira: HEUR/AGEN.1141649
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!43ACF6DC7ECD
MAX: malware (ai score=82)
Malwarebytes: Malware.AI.13029454
TrendMicro-HouseCall: TROJ_GEN.R002H0CIH21
SentinelOne: Static AI – Malicious PE
Fortinet: Adware/VMProtBad
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.13029454?

Malware.AI.13029454 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
