Malware.AI.1427020692 (file analysis)

Malware.AI.1427020692 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1427020692 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Malware.AI.1427020692?


File Info:

name: CBC43C57C0EFD2C624C0.mlw
path: /opt/CAPEv2/storage/binaries/7c8862ba3b7c7208970f540fa79a771bfb8437d6549a659f0d29f19465afce54
crc32: 8AF0658C
md5: cbc43c57c0efd2c624c0cb9b73caed65
sha1: 249acb05e7a71823e96fd25936285b090107b948
sha256: 7c8862ba3b7c7208970f540fa79a771bfb8437d6549a659f0d29f19465afce54
sha512: 270457ace0874d69871c267cf2df3ee4246ef21fb277174c3d1ab9df83c8ae8e2de0b7368027fad3f27ebbd649a3078fc322f9d9289045fd9b069da02eba2029
ssdeep: 24576:rCdxte/80jYLT3U1jfsWahMN4pMM/lXTzq5OeodrN6QPnf2nlQ:iw80cTsjkWahX7/ljzq5Oe8rQQPO2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CF75CE2273CDC365CB669D33FF6A73016EBB7C710A20F85B2E881DF9A950161166C663
sha3_384: bc6ef9831de5d422960fd453a6fdc7ffa0d9281ad0fcf9680a63225ea428eac6a414c4329c4bf572e40671041550b0d5
ep_bytes: e8b8d00000e97ffeffffcccccccccccc
timestamp: 2021-12-07 19:33:27

Version Info:

CompanyName: Rifbot
FileDescription: Rifbot
FileVersion: 2.0.1
LegalCopyright: © Rifbot
LegalTrademarks: Trademark Rifbot'
OriginalFilename: Rifbot.exe
ProductName: Rifbot
ProductVersion: 2.0.1
Translation: 0x0809 0x04b0

Malware.AI.1427020692 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: AIT:Trojan.Nymeria.4511
FireEye: AIT:Trojan.Nymeria.4511
McAfee: Artemis!CBC43C57C0EF
Cylance: Unsafe
Alibaba: Malware:Win32/km_2c676d.None
Cybereason: malicious.7c0efd
Cyren: W32/AutoIt.QZ.gen!Eldorado
APEX: Malicious
BitDefender: AIT:Trojan.Nymeria.4511
Ad-Aware: AIT:Trojan.Nymeria.4511
Emsisoft: AIT:Trojan.Nymeria.4511 (B)
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.tc
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: AIT:Trojan.Nymeria.4511 (2x)
AhnLab-V3: Trojan/Win32.Nymeria.C4218016
ALYac: AIT:Trojan.Nymeria.4511
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.1427020692
TrendMicro-HouseCall: TROJ_GEN.R002H09L821
Fortinet: W32/PossibleThreat
CrowdStrike: win/malicious_confidence_80% (W)

How to remove Malware.AI.1427020692?

Malware.AI.1427020692 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
