Malware.AI.1408957638 removal

Malware.AI.1408957638 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1408957638 virus do?

  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional language used in binary resources: Spanish
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1408957638?

File Info:

name: 1BD0A66BF608AF4E3F54.mlw
path: /opt/CAPEv2/storage/binaries/a6df87fd0c97b38c5d4ef7dca34e0b89220a9fa8260b983135e2938ab104a72e
crc32: 2D939314
md5: 1bd0a66bf608af4e3f543d64ab838776
sha1: be316ddeba7a458d77bc9d5ebb841b9cc1360b10
sha256: a6df87fd0c97b38c5d4ef7dca34e0b89220a9fa8260b983135e2938ab104a72e
sha512: eeaa2d4e5d39f40b4ac08a7940fb44dd0791e5b2b92566ede03b35665608ef886ce44c4aa0e0c1543da787dea2599f04782ad43623f00539e1fe1e32c35b0b97
ssdeep: 24576:xBXu9HGaklzmAqfS3aUDt5bIRpaFPryPt5fU8g69dBbjNrSBuEZfIjUzHwP6:xw9kPlXbI2FPWPs8g69dBbjNrSJZfIj9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F04523864A8177BEE0817CB4472DF9D184237C539E693FC04C8AF4A8597FEC8E18695B
sha3_384: bc9d3b01632624dabd54de242ea5d08f45bcf27e39a238a5766f20619371669b1388241a2c12931f5432c185f3c61f63
ep_bytes: 60be009047008dbe0080f8ff57eb0b90
timestamp: 2023-06-27 11:56:32

Version Info:

FileVersion: 1.23.06.178
Comments: This file is part of a set of private tools for IT technicians in Spain. More info at www.pixe.es. E-mail contact: contacto@pixe.es.
FileDescription: Componente de PiXE. Elimine este archivo si desconoce su procedencia.
ProductVersion: 06.23
LegalCopyright: Pablo Antonio Navarro Reyes © 2011-2021
InternalName: pixe-menu.exe
ProductName: PiXE-Menu - Menú preinstalación de PiXE
CompanyName: PiXE.es
Translation: 0x040a 0x04b0

Malware.AI.1408957638 also known as:

Lionic: Trojan.Win32.Nymeria.4!c
MicroWorld-eScan: AIT:Trojan.Nymeria.5508
Skyhigh: BehavesLike.Win32.TrojanAitInject.tc
ALYac: AIT:Trojan.Nymeria.5508
Malwarebytes: Malware.AI.1408957638
VIPRE: AIT:Trojan.Nymeria.5508
Sangfor: Trojan.Win32.Agent.Venf
BitDefender: AIT:Trojan.Nymeria.5508
CrowdStrike: win/malicious_confidence_70% (W)
Elastic: malicious (moderate confidence)
APEX: Malicious
Rising: Trojan.Obfus/Autoit!1.C9CD (CLOUD)
Sophos: Mal/Generic-R
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.1bd0a66bf608af4e
Emsisoft: AIT:Trojan.Nymeria.5508 (B)
Jiangmin: Trojan.Generic.hqyuh
Google: Detected
Varist: W32/ABTrojan.JSXR-7614
Antiy-AVL: GrayWare/Autoit.BinToStr.a
Arcabit: AIT:Trojan.Nymeria.D1584 [many]
GData: AIT:Trojan.Nymeria.5508 (3x)
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.Agent.C2127860
McAfee: Artemis!1BD0A66BF608
MAX: malware (ai score=83)
DeepInstinct: MALICIOUS
VBA32: Trojan.Autoit.Wirus
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09G123
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.210732533.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.1408957638?

Malware.AI.1408957638 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.