Malware.AI.135371204 removal tips

Malware.AI.135371204 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.135371204 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Creates known Njrat/Bladabindi RAT registry keys
  • Binary compilation timestomping detected

How to identify Malware.AI.135371204?

File Info:

name: 8BEB53A09944C1ED81A6.mlw
path: /opt/CAPEv2/storage/binaries/97653045be8ab489ba59ee9896f33800d2fc047e861fad8813d0a9c2f7015623
crc32: 393A84C8
md5: 8beb53a09944c1ed81a666f1f04ecde1
sha1: c9fe7219bc0b6b6df30533e69771bc0ba89ae1ea
sha256: 97653045be8ab489ba59ee9896f33800d2fc047e861fad8813d0a9c2f7015623
sha512: 013a9ef13d7a5737c67db9db1cb2fe26250f53c624a42421e0dc7d23c7c1d62bd6284d3aafeb0b8779aeadbacbfff4f922cd8ba3be0dcbe760cada11d122fa80
ssdeep: 768:EoxvbQg/4v8E7EFShslsvKKqIjtHVM9hzlkSPSA:EMQgAv8E7EMslsSKqWt1M9hZpSA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T132E2BE2943C006DDEE7E83323D421AD08565E9918F3DEEDFA8B111011AB3A57C74EAB7
sha3_384: c7dffb9578614eb36b791948f4b64e0b7e91d66b9e16aeb085662d3f4f217e16c5136440342be8d9bbc03683b6f94b77
ep_bytes: ff250020400000000000000000000000
timestamp: 2080-02-07 11:52:06

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Fikra402
FileVersion: 1.0.0.0
InternalName: Fikra402.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Fikra402.exe
ProductName: Fikra402
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.135371204 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.8beb53a09944c1ed
ALYac: Gen:Variant.Bulz.243585
Cylance: Unsafe
Sangfor: Trojan.Win32.Generic.ky
K7AntiVirus: Trojan ( 005738431 )
Alibaba: Trojan:MSIL/GenKryptik.14f229ea
K7GW: Trojan ( 005738431 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/GenKryptik.EMVT
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Bulz.243585
MicroWorld-eScan: Gen:Variant.Bulz.243585
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Generic.Efbn
Ad-Aware: Gen:Variant.Bulz.243585
Emsisoft: Gen:Variant.Bulz.243585 (B)
Comodo: Malware@#25aofqoaaaaf4
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0GBI22
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Krypt
GData: Gen:Variant.Bulz.243585
Avira: TR/Dropper.Gen
Gridinsoft: Ransom.Win32.Bladabindi.sa
Microsoft: Backdoor:Win32/Bladabindi!ml
AhnLab-V3: Win-Trojan/MSILKrypt14.Exp
McAfee: Artemis!8BEB53A09944
MAX: malware (ai score=89)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.135371204
TrendMicro-HouseCall: TROJ_GEN.R002C0GBI22
Rising: Malware.Obfus/MSIL@AI.90 (RDM.MSIL:P4GWtASh/WO0Xrd3LULBmA)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Injector.MEA!tr
BitDefenderTheta: Gen:NN.ZemsilF.34232.bm0@aOeKOkd
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A

How to remove Malware.AI.135371204?

Malware.AI.135371204 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.