Malware.AI.1305444390 removal tips

Malware.AI.1305444390 is classified as dangerous by many security vendors. While this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1305444390 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.1305444390?

File Info:

name: C202639D125021031069.mlw
path: /opt/CAPEv2/storage/binaries/2e4ddc8e733e873efe9a3251f6fa4b576e4555b2e882fa9d34443c405bb1ec1d
crc32: B409876E
md5: c202639d1250210310699ee9afa75660
sha1: 59bbdd8c642c4ba9d54cda5db2d6525135019858
sha256: 2e4ddc8e733e873efe9a3251f6fa4b576e4555b2e882fa9d34443c405bb1ec1d
sha512: ecadc932f6ef77cd607866722781adb2fcdf0df73dd9e4c9f6bfa61007757aaccbcb7fa76f11d77e8b023c29bd8546681286097c8997e50bbc70f351889e8928
ssdeep: 3072:Wwk2vjzIBHiZdH2UZ1scJIpyO5NdURAFlPoLL:nk27zIl8pIpnNZFlPo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T105F37DC2AAB044B7C426C035951346E56EE26C1CF8888CBF1DF2354529FE6B61EBB47D
sha3_384: fb3e38d69fb22757463bd40f70e818024e0014ed5293408317609fbbfdab7000474c878d26d9c3f19243890848c50407
ep_bytes: 558bec6aff683014400068f84d420064
timestamp: 2014-02-13 12:26:01

Version Info:

Comments:
CompanyName: weiruan
FileDescription: weiruan
FileVersion: 1, 0, 0, 1
InternalName: weiruan
LegalCopyright: 版权所有(C) 2014
LegalTrademarks:
OriginalFilename: weiruan
PrivateBuild:
ProductName: weiruan
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0804 0x04b0

Malware.AI.1305444390 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Zegost.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.30625
FireEye: Generic.mg.c202639d12502103
Skyhigh: BehavesLike.Win32.Worm.ch
McAfee: GenericRXIL-IP!C202639D1250
Cylance: unsafe
Zillya: Trojan.Dialer.Win32.19934
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 00495aa11 )
Alibaba: Backdoor:Win32/Zegost.b80c194b
K7GW: Trojan ( 00495aa11 )
Cybereason: malicious.d12502
VirIT: Trojan.Win32.Inject2.SNO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Farfli.PZ
APEX: Malicious
TrendMicro-HouseCall: BKDR_ZEGOST.SM34
ClamAV: Win.Dropper.Gh0stRAT-7670602-0
Kaspersky: Trojan.Win32.Agent.agzsz
BitDefender: Gen:Variant.Barys.30625
NANO-Antivirus: Trojan.Win32.Agent.ctmnvx
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10b7e0eb
Emsisoft: Gen:Variant.Barys.30625 (B)
F-Secure: Heuristic.HEUR/AGEN.1341079
DrWeb: Trojan.DownLoader9.24607
VIPRE: Gen:Variant.Barys.30625
TrendMicro: BKDR_ZEGOST.SM34
Trapmine: malicious.high.ml.score
Sophos: Mal/Zegost-BA
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=99)
Jiangmin: Trojan/Dialer.okm
Google: Detected
Avira: HEUR/AGEN.1341079
Antiy-AVL: Trojan/Win32.Dialer
Kingsoft: Win32.Trojan.Agent.agzsz
Microsoft: Backdoor:Win32/Zegost.AD
Xcitium: Malware@#2ev2zc8r55m0p
Arcabit: Trojan.Barys.D77A1
ZoneAlarm: Trojan.Win32.Agent.agzsz
GData: Gen:Variant.Barys.30625
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Agent.R97143
BitDefenderTheta: Gen:NN.ZexaF.36802.jm1@aSwM79gb
ALYac: Gen:Variant.Barys.30625
VBA32: BScope.Backdoor.Farfli
Malwarebytes: Malware.AI.1305444390
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@AI.90 (RDML:/DYWswPW9/HlXzI8+GJyTQ)
Yandex: Trojan.Dialer!v+jLbxnElkU
Ikarus: Backdoor.Win32.Morix
MaxSecure: Trojan.Malware.7554847.susgen
Fortinet: W32/Farfli.PZ!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: Worm:Win/Farfli.PZ

How to remove Malware.AI.1305444390?

Malware.AI.1305444390 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.