How to remove “Malware.AI.145182543”?

The Malware.AI.145182543 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.145182543 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Uses Windows utilities for basic functionality

How to determine Malware.AI.145182543?


File Info:
name: 11715959D6FF7B241E46.mlw
path: /opt/CAPEv2/storage/binaries/391f8526162dc7ee776a76a41d376db5f65c6b95d5da16f07b72353148e79c7f
crc32: 7D8E236E
md5: 11715959d6ff7b241e461946ab760387
sha1: 3f271248372014fc7ffb22115b98085fd0d8f271
sha256: 391f8526162dc7ee776a76a41d376db5f65c6b95d5da16f07b72353148e79c7f
sha512: 8c2d25686b04911af3e758c310e650f2725a947900ee68a8fe2ded5b9408ebf9d1c43d965b0520e9ad9873ad1e6673ab545f1a12aa64cbdd5cd8ec7925e39db3
ssdeep: 6144:aYpovIcIbr8PqCRhj/BCOu5ymhU+5ceML:aYpovvVqCRh4lCb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13764393422F49641F67E87BD907411808BB4B143652EE71E7E9D78EEDF32B908C18A67
sha3_384: 9a9a85a96595e4f8dd2ee4d45b3d742bf4694e1919357855e72a409078089a6eb82008eedb4130df82b2b195ce54b18f
ep_bytes: ff250020400000000000040000000400
timestamp: 2022-07-09 01:40:10

Version Info:
Translation: 0x0000 0x04b0
Comments: 手机短信验证码平台
CompanyName: 手机短信验证码平台
FileDescription: 验证码平台
FileVersion: 1.0.0.0
InternalName: YJUpdform.exe
LegalCopyright: 版权所有 (C) 验证码平台
LegalTrademarks: 手机短信验证码平台
OriginalFilename: YJUpdform.exe
ProductName: 手机短信验证码平台
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.145182543 also known as:

Lionic	Trojan.Win32.Lazy.4!c
MicroWorld-eScan	Gen:Variant.Lazy.123256
FireEye	Gen:Variant.Lazy.123256
ALYac	Gen:Variant.Lazy.123256
Cylance	Unsafe
VIPRE	Gen:Variant.Lazy.123256
Sangfor	Trojan.Win32.Kryptik.Vhwk
K7AntiVirus	Trojan ( 0058e09d1 )
Alibaba	Trojan:MSIL/Kryptik.a38ed18d
K7GW	Trojan ( 0058e09d1 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Kryptik.AEFD
APEX	Malicious
Paloalto	generic.ml
BitDefender	Gen:Variant.Lazy.123256
Cynet	Malicious (score: 99)
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Gen:Variant.Lazy.123256
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R007C0PHS22
McAfee-GW-Edition	RDN/Generic.dx
Emsisoft	Gen:Variant.Lazy.123256 (B)
Ikarus	Win32.Outbreak
GData	Gen:Variant.Lazy.123256
Avira	HEUR/AGEN.1250826
Arcabit	Trojan.Lazy.D1E178
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Trojan/Win.Generic.C5183771
McAfee	Artemis!11715959D6FF
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.145182543
TrendMicro-HouseCall	TROJ_GEN.R007C0PHS22
Rising	Trojan.Kryptik!8.8 (CLOUD)
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Malware.AI.145182543?

Malware.AI.145182543 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X