Malware

What is “Malware.AI.1350552358”?


Malware.AI.1350552358 is the name Malwarebytes gives this sample; most other engines classify the same file as adware or a trojan-downloader of the Adload/ComponentBased family (see the detection list below), so it is treated as dangerous by a broad set of security vendors. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.1350552358 virus can do?

The items below are static and sandbox (CAPE) signatures that fired on the sample; they describe how the file is built and packaged rather than confirmed runtime behaviour.

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid (a signature blob is present but does not verify, so it gives no assurance of origin)
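
The packing and signature indicators above can be reproduced from the PE headers alone. The script below is an added example, not code from the original page or from CAPE: it walks the PE header with the Python standard library, reads the 16 bytes at the entry point, flags the pushad / mov esi / lea edi prologue that UPX emits (the page's ep_bytes value), lists section names outside the usual linker set, measures per-section entropy, and reports whether a security directory (Authenticode blob) is present. build_sample() constructs a stand-in PE32 with UPX0/UPX1 sections that reproduces those indicators; the real sample is not embedded, and STANDARD_SECTIONS and the 7.0-bit entropy threshold are my assumptions.

```python
import math
import random
import struct

# ep_bytes from the page's File Info: 60 = pushad, BE imm32 = mov esi, <packed data>,
# 8D BE disp32 = lea edi, [esi+disp32]: the usual UPX decompressor prologue.
PAGE_EP_BYTES = bytes.fromhex("60be008057008dbe0090e8ffc78788b5")
# Section names an ordinary linker emits (assumption); anything else counts as "unknown".
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                     ".reloc", ".pdata", ".bss", ".tls", ".CRT"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def shannon_entropy(buf):
    """Bits per byte: 8.0 is uniform noise; above ~7 is typically packed/encrypted."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    return -sum(c / len(buf) * math.log2(c / len(buf)) for c in counts if c)


def parse_pe(data):
    """Minimal PE32/PE32+ header walk using only the standard library."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    nsec = struct.unpack_from("<H", data, coff + 2)[0]          # NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]     # SizeOfOptionalHeader
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic %#x" % magic)
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    dirs = opt + (96 if magic == 0x10B else 112)                # data directory table
    n_dirs = struct.unpack_from("<I", data, dirs - 4)[0]
    sec_off = sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a raw file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "va": va,
                         "vsize": vsize, "raw_ptr": raw_ptr, "raw_size": raw_size})
    return {"entry_rva": entry_rva, "sections": sections, "security_dir": (sec_off, sec_size)}


def rva_to_offset(rva, sections):
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["raw_size"]):
            return s["raw_ptr"] + (rva - s["va"])
    raise ValueError("RVA %#x is not backed by file data" % rva)


def triage(data):
    """Derive the page's packing/signature indicators from raw PE bytes."""
    pe = parse_pe(data)
    off = rva_to_offset(pe["entry_rva"], pe["sections"])
    ep = data[off:off + 16]
    names = [s["name"] for s in pe["sections"]]
    entropy = {s["name"]: round(shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]), 2)
               for s in pe["sections"] if s["raw_size"]}
    return {
        "entry_rva": pe["entry_rva"],
        "ep_bytes": ep.hex(),
        # pushad; mov esi, imm32; lea edi, [esi+disp32] at fixed opcode offsets
        "upx_stub": len(ep) >= 8 and ep[0] == 0x60 and ep[1] == 0xBE and ep[6:8] == b"\x8d\xbe",
        "nonstandard_sections": [n for n in names if n not in STANDARD_SECTIONS],
        "section_entropy": entropy,
        "high_entropy_sections": [n for n, e in entropy.items() if e > 7.0],
        # Presence only: deciding validity needs a real Authenticode verifier.
        "authenticode_present": pe["security_dir"][1] > 0,
    }


def build_sample():
    """Constructed stand-in PE32 (not the real sample) reproducing the page's indicators."""
    rng = random.Random(1350552358)
    upx1 = bytearray(rng.getrandbits(8) for _ in range(0x400))   # high-entropy "packed" data
    upx1[0x100:0x110] = PAGE_EP_BYTES                             # stub lands at RVA 0x8100
    rsrc = b"\0" * 0x200                                          # low-entropy section
    cert = struct.pack("<IHH", 0x100, 0x0200, 0x0002) + b"\0" * 0xF8  # WIN_CERTIFICATE + filler
    # (name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
    secs = [(b"UPX0", 0x7000, 0x1000, 0, 0x400),
            (b"UPX1", 0x2000, 0x8000, len(upx1), 0x400),
            (b".rsrc", 0x200, 0xA000, len(rsrc), 0x800)]
    hdr = bytearray(b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40))   # e_lfanew = 0x40
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                         # PE32 magic
    struct.pack_into("<I", opt, 16, 0x8100)                       # AddressOfEntryPoint
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)               # Section/FileAlignment
    struct.pack_into("<I", opt, 92, 16)                           # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0xA00, len(cert))
    hdr += opt
    for name, vsize, va, raw_size, raw_ptr in secs:
        hdr += struct.pack("<8sIIIIIIHHI", name, vsize, va, raw_size, raw_ptr, 0, 0, 0, 0, 0x60000020)
    img = bytearray(0xA00)
    img[:len(hdr)] = hdr
    img[0x400:0x800] = upx1
    img[0x800:0xA00] = rsrc
    return bytes(img) + cert
```

Run triage(open(path, "rb").read()) on a real file. The Authenticode check only says that a signature blob exists; whether it verifies (the page reports it does not) has to be decided by a proper verifier such as signtool or osslsigncode, which is why the mere presence of a signature should carry no weight in triage.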

How to identify Malware.AI.1350552358?

File Info:

name: 18870FDDE93B156911D7.mlw
path: /opt/CAPEv2/storage/binaries/2ce7df0b108454fd97f62d7cd8a52d3c8e7095c4f4203ac50504c9cd1967f9ec
crc32: 7C655BDC
md5: 18870fdde93b156911d70431e059f8dd
sha1: ad838a15a97b847bb121406e841035359793bfda
sha256: 2ce7df0b108454fd97f62d7cd8a52d3c8e7095c4f4203ac50504c9cd1967f9ec
sha512: bc8cd3428c8dc2c2cc7f27df0136117e36b1ebeb93ce666b01c81d369ea47ea842932881655cdf40d6fd533e8224c1c312ee5b0d408711d88094b59fff969552
ssdeep: 24576:rw4aa87MxmyMY/jhtoMSUJq6cb8XhESZC4oO70F+2XefZgIo2+SD:rw5Mxmjc2MSAqwOn4ou0p6ZgLSD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1512512F9861B0458C3930232A7B4FB91AC659C5EDEBB994D195EF4162FB7BA00F34027
sha3_384: 2a0cc4f6a6aa16652d2211745a719f35baaab8ce3e7cb697107a0d592f7f04180238165d293f499b3d8d16939e2b5fb7
ep_bytes: 60be008057008dbe0090e8ffc78788b5
timestamp: 2021-12-10 07:24:06
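
To confirm that a file on disk is this sample, the digests in the File Info block can be recomputed and compared. The following is an added example, not a tool from the page or from CAPE: it hashes a file in one streaming pass with the Python standard library (ssdeep and tlsh are left out because they need third-party modules) and compares the result with the page's values. PAGE_HASHES is copied from the File Info above; the function names are my own.

```python
import hashlib
import io
import zlib

# Digests listed under "File Info" on this page for the sample.
PAGE_HASHES = {
    "crc32": "7C655BDC",
    "md5": "18870fdde93b156911d70431e059f8dd",
    "sha1": "ad838a15a97b847bb121406e841035359793bfda",
    "sha256": "2ce7df0b108454fd97f62d7cd8a52d3c8e7095c4f4203ac50504c9cd1967f9ec",
    "sha512": "bc8cd3428c8dc2c2cc7f27df0136117e36b1ebeb93ce666b01c81d369ea47ea8"
              "42932881655cdf40d6fd533e8224c1c312ee5b0d408711d88094b59fff969552",
    "sha3_384": "2a0cc4f6a6aa16652d2211745a719f35baaab8ce3e7cb697107a0d592f7f0418"
                "0238165d293f499b3d8d16939e2b5fb7",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512", "sha3_384")


def hash_stream(fh, chunk=1 << 20):
    """Compute every digest in one pass over a file-like object, in fixed memory."""
    digests = {name: hashlib.new(name) for name in ALGORITHMS}
    crc = 0
    while True:
        block = fh.read(chunk)
        if not block:
            break
        crc = zlib.crc32(block, crc)          # running CRC32 across chunks
        for d in digests.values():
            d.update(block)
    out = {name: d.hexdigest() for name, d in digests.items()}
    out["crc32"] = "%08X" % crc               # CAPE prints CRC32 as 8 uppercase hex digits
    return out


def hash_bytes(data):
    return hash_stream(io.BytesIO(data))


def hash_file(path):
    with open(path, "rb") as fh:
        return hash_stream(fh)


def compare(actual, expected):
    """Per-algorithm match, case-insensitive; algorithms missing from `actual`
    (e.g. ssdeep) are skipped rather than reported as mismatches."""
    return {name: actual[name].lower() == value.lower()
            for name, value in expected.items() if name in actual}


def is_page_sample(path):
    """True only if every digest matches the page's File Info; one mismatch
    means a different file, however many of the others agree."""
    return all(compare(hash_file(path), PAGE_HASHES).values())
```

A file that matches on sha256 will match on the rest unless the listing itself is wrong, so a single failed algorithm is worth investigating: it usually points at a transcription error on the page or a differently-truncated copy of the sample.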

Version Info:

CompanyName: Shanghai Mengge
FileDescription: mininews
FileVersion: 1.0.0.1
InternalName: news.exe
LegalCopyright: Copyright (C) 2020 Shanghai Mengge
OriginalFilename: news.exe
ProductName: fileassistor
ProductVersion: 1.0.0.1
Translation: 0x0804 0x04b0

Malware.AI.1350552358 also known as:

Lionic: Adware.Win32.ComponentBased.2!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.336421
FireEye: Gen:Variant.Application.Strictor.255325
ALYac: Gen:Variant.Application.Strictor.255325
Cylance: Unsafe
Zillya: Downloader.Adload.Win32.112709
Sangfor: Trojan.Win32.Adload.NUS
K7AntiVirus: Trojan-Downloader ( 005680b71 )
Alibaba: AdWare:Win32/ComponentBased.aba82be0
K7GW: Trojan-Downloader ( 005680b71 )
Cybereason: malicious.de93b1
Cyren: W32/Adload.FD.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Adload.NUS
TrendMicro-HouseCall: TROJ_GEN.R002C0PLA21
Kaspersky: not-a-virus:HEUR:AdWare.Win32.ComponentBased.gen
BitDefender: Gen:Variant.Bulz.336421
NANO-Antivirus: Trojan.Win32.Adload.jizrgk
Avast: Win32:Adware-gen [Adw]
Tencent: Pua:Adware.Win32.Componentbased.16000198
Ad-Aware: Gen:Variant.Application.Strictor.255325
Sophos: Generic PUA KN (PUA)
TrendMicro: TROJ_GEN.R002C0PLA21
McAfee-GW-Edition: GenericRXMS-GB!18870FDDE93B
SentinelOne: Static AI – Suspicious PE
Emsisoft: Gen:Variant.Bulz.336421 (B)
GData: Gen:Variant.Bulz.336421
Jiangmin: TrojanSpy.AutoIt.jh
eGambit: Generic.Malware
Avira: HEUR/AGEN.1224833
Antiy-AVL: Trojan/Generic.ASMalwS.336CE8F
Microsoft: TrojanDownloader:Win32/Aicat.A!ml
Cynet: Malicious (score: 99)
AhnLab-V3: PUP/Win32.AdLoad.C3923949
McAfee: GenericRXMS-GB!18870FDDE93B
VBA32: Adware.ComponentBased
Malwarebytes: Malware.AI.1350552358
APEX: Malicious
Rising: Downloader.Adload!8.D1 (CLOUD)
Yandex: PUA.ComponentBased!DT2XikRrGnA
MAX: malware (ai score=82)
Fortinet: W32/Adload.NUS!tr.dldr
AVG: Win32:Adware-gen [Adw]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.1350552358?

Malware.AI.1350552358 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Because most engines classify this sample as a downloader (Adload), run a second scan after the restart so that anything it may have fetched is caught as well.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
