Malware.AI.1388765903 malicious file

Malware.AI.1388765903 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1388765903 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.1388765903?

File Info:

name: CA413295C2FE0AEE6FA2.mlw
path: /opt/CAPEv2/storage/binaries/ef77bc45220ba354968b8c06c01f4b0d8855ead9eceb8a9de0864f700c6fa55c
crc32: D2CD1728
md5: ca413295c2fe0aee6fa2a29189cf708a
sha1: c02382a53712ac7706756b9ec9711629cee1ec13
sha256: ef77bc45220ba354968b8c06c01f4b0d8855ead9eceb8a9de0864f700c6fa55c
sha512: cb960c017d324c9aec33ba2735513266a4dcc9ac89961993168d79593112a8758a04cda49239ff148031ece971cae3fc3bace297ade396bd410391d02ea1d8b9
ssdeep: 49152:a6vFkG6KQisUIlEWDMui5guwKHnUg9t+F+w1MBxnt+s/B5Ood9ekHKWK:b+fSlkJDMutuwKHUAt+cw1Mruod9ek
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T163A533E6D0F58D10F432D9336679F8D6C60A200A6A92722FBE07C6C2137DBE467C5A57
sha3_384: 8b62a091f70e56d671467b1c8ee5849f4458a091c2065812e8da1d9c7debe02021cbf442941258f21d786899c2ca50b5
ep_bytes: 60be00b08d008dbe0060b2ff5783cdff
timestamp: 2021-03-19 11:23:30

Version Info:

CompanyName: Adeds QQ:778716166
FileDescription: 基础应用类程序
FileVersion: 1.0.0.0
InternalName: R2登录器12(无语言,有更新,简约皮肤)
LegalCopyright: (C) Adeds Copyright All Reserved.
OriginalFilename: _R2登录器12(无语言,有更新,简约皮肤).exe
ProductName: R2 登录器
ProductVersion: 1.0.0.0
PrivateBuild: 基础应用类程序
SpecialBuild: 基础应用类程序
Comments: 基础应用类程序
Translation: 0x0804 0x04b0

Malware.AI.1388765903 also known as:

Lionic: Trojan.Multi.Generic.lmpu
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen9.11404
MicroWorld-eScan: Trojan.GenericKD.47568712
FireEye: Generic.mg.ca413295c2fe0aee
ALYac: Trojan.GenericKD.47568712
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Adware ( 00506e8d1 )
Alibaba: Trojan:Win32/Injuke.20cbe08a
K7GW: Adware ( 00506e8d1 )
Cybereason: malicious.53712a
BitDefenderTheta: Gen:NN.ZexaF.34062.boKfaS3KLskb
Cyren: W32/Trojan.CLL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Injuke.fdsd
BitDefender: Trojan.GenericKD.47568712
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.47568712
Emsisoft: Trojan.GenericKD.47568712 (B)
Comodo: Packed.Win32.MUPX.Gen@24tbus
Zillya: Trojan.Convagent.Win32.4900
TrendMicro: TROJ_GEN.R002C0WL821
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
Sophos: Generic PUA MA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.47568712
Jiangmin: Trojan/Swisyn.vkb
eGambit: Unsafe.AI_Score_100%
Avira: TR/ATRAPS.Gen
Antiy-AVL: Trojan/Generic.ASCommon.FA
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Woreflint.A!cl
Cynet: Malicious (score: 100)
McAfee: Artemis!CA413295C2FE
MAX: malware (ai score=89)
VBA32: BScope.Trojan.Tiggre
Malwarebytes: Malware.AI.1388765903
TrendMicro-HouseCall: TROJ_GEN.R002C0WL821
Rising: Trojan.Kryptik!1.B3E8 (CLASSIC)
Yandex: Riskware.BlackMoon!UThXGv3qtis
Fortinet: W32/CoinMiner.65CA!tr
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Malware.AI.1388765903?

Malware.AI.1388765903 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.