Malware.AI.1312606768 removal guide

Malware.AI.1312606768 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1312606768 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.1312606768?

File Info:

name: FA959A19CC6168490D54.mlw
path: /opt/CAPEv2/storage/binaries/137eeae18f20cf7e235b70763f87efe17479ab88a633e9e715698e0ce3e29b09
crc32: 6588D5F5
md5: fa959a19cc6168490d5460b6181c62c0
sha1: c0f6a2343929fdbe32ef3c7d08829f0243407939
sha256: 137eeae18f20cf7e235b70763f87efe17479ab88a633e9e715698e0ce3e29b09
sha512: 3016751f226143c03ddde350cc17630b5e08316c9b44895e61ec937e78d1a2b5b70e860e83ae9c47cfb427036e806e83ecda5c33d906ce093fd94f800b6966df
ssdeep: 6144:03kKvOdv7zMm9gLOk9nnha7oe9D2xnY4VByfXnlEFECJIoRQS:MnvO1XMm9h0FyWY4V+XAPRQS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15444236882F4ECC5D80E0A309D638F67B26011B5E163367F9558386E5FCEAF7049D987
sha3_384: de44882ffe0227b5ab4003e632f4595dbd6e14d21e54de9a1ec063b66b1b650339eee494ebcd30740ffa163d5a02ce5b
ep_bytes: 60be008073008dbe0090ccff5789e58d
timestamp: 2011-05-03 08:45:15

Version Info:

CompanyName: U*q>a)
InternalName: Gaqic
LegalTrademarks: Edaso Ebovuga Tesoju Pipi Oxulaj Yle Max Pehad
OriginalFilename: Unpe2cdhkybf.exe
ProductVersion: 6, 1
Translation: 0x0409 0x04b0

Malware.AI.1312606768 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.fa959a19cc616849
CAT-QuickHeal: TrojanPWS.Zbot.Gen
McAfee: PWS-Zbot-FAKQ!FA959A19CC61
Cylance: Unsafe
VIPRE: Trojan.Win32.Zbot.dx (v)
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0040f3931 )
Alibaba: TrojanSpy:Win32/Kryptik.033a21c1
K7GW: Trojan ( 0040f3931 )
CrowdStrike: win/malicious_confidence_90% (W)
VirIT: Trojan.Win32.Generic.CMCK
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.AAU
APEX: Malicious
ClamAV: Win.Malware.Zbot-9862956-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Sirefef.124
NANO-Antivirus: Trojan.Win32.Panda.cstamf
MicroWorld-eScan: Gen:Variant.Sirefef.124
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Generic.Efkn
Ad-Aware: Gen:Variant.Sirefef.124
Emsisoft: Gen:Variant.Sirefef.124 (B)
Comodo: Malware@#331n24ardzmkk
DrWeb: Trojan.PWS.Panda.3734
Zillya: Trojan.Zbot.Win32.111614
TrendMicro: TSPY_ZBOT.SMLK
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.dc
Sophos: Mal/Generic-R + Mal/Zbot-KV
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Sirefef.124
Jiangmin: Trojan.Generic.dxehv
Webroot: W32.Malware.Gen
Avira: TR/Crypt.ZPACK.Gen2
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1AD9CE
Kingsoft: Win32.Heur.KVMH004.a.(kcloud)
ViRobot: Trojan.Win32.Zbot.256000
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: PWS:Win32/Zbot!rfn
AhnLab-V3: Spyware/Win32.Zbot.R59815
BitDefenderTheta: Gen:NN.ZexaF.34212.pm0@a8XHwZB
ALYac: Gen:Variant.Sirefef.124
VBA32: BScope.Trojan.MTA.0661
Malwarebytes: Malware.AI.1312606768
TrendMicro-HouseCall: TSPY_ZBOT.SMLK
Rising: Spyware.Zbot!8.16B (CLOUD)
Yandex: TrojanSpy.Zbot!cM3MkQqdzA8
Ikarus: Trojan-PWS.Win32.Zbot
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.AY!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.9cc616
Panda: Trj/Genetic.gen

How to remove Malware.AI.1312606768?

Malware.AI.1312606768 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.