Categories: Malware

Malware.AI.1459780135 removal tips

The Malware.AI.1459780135 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.1459780135 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Malware.AI.1459780135?



File Info:

name: 87797DBC4E881C44B5D0.mlwpath: /opt/CAPEv2/storage/binaries/e52675599c4f716a7f6bc0986e7bd4987f989ba86dcc4f8fdcb005bfe6a9af5fcrc32: F6157861md5: 87797dbc4e881c44b5d0f2d3fbda2b3asha1: 205b3570d4fe02c6afc66f59eee9677dd7062de9sha256: e52675599c4f716a7f6bc0986e7bd4987f989ba86dcc4f8fdcb005bfe6a9af5fsha512: 19111366f1fbe860dfe4b21e7f96ab7fc29f34d6c1ed00468359b564685fc32207118fdb6dc1f835b9bd075bf307f0fd7b4321ac57583a88055f32e276263261ssdeep: 768:3WHHVJVuN+Yu91uE6TcSVe47fMzliZdVb7wyW6lr+0ZmSq1F15FCNs:3GniDiiZdxhWEySMFrFMtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T196C3F1637CE796F2D68F0A758493053CEA715740BB598A2AD659033ACF7738AFC09B10sha3_384: 878d54f4232f651ae3e38756f8be58a994ce5f08e256b30ad8a4d9f741c6ca61e98e72e813ff5d889792aa8fb5e43424ep_bytes: 66928d87945bc10466f7d664a1300000timestamp: 2005-08-03 19:11:22

Version Info:

CompanyName: †SOFTWIN⛚킒䀃⥧껭炻鞅udfb0깚뼕螗ꋓ爧㶔鸫穣奤ﴵ霧촤㓏륰ᔂ迗埧瀮뼿螾詪⵬澃褕䏡豱᪫眉旎⸘䠥庾탦衚鉭깚ឲud9a7澒ᝣꆈ⣶䎑퉄骞鳣⍇ᓇ哜泸蠄ﮖᒺᐪ㍈o⾪☻繚㈡퐚⃬컞ᵷ䤾臀爇㐣뮆둛༖ᢽ⼉嶀໙咴ẏ┆黤蕛Ⱏữイ몗䐠᫠餠툔척赙坂잨䥖ude69虄ꅴ骧ᛀ깊㨐긮ud92e뇖랸ᙗꁯ೒ⱴ扷㨠ud92b縹奧龮돻꼴Ṡ卌帗㞊쭰ᅗ걳쪳䠰Ⱬ樰燓ud842鄇䮫짟敏ᔑ┵窩jᇼ뛁ễudede낵旕탖肬᭻팗쌒ю絑夘킂ㅡ䘂䕞ⶎ铹祈秴犏R䙴㸫∻‾꣹ᆃ鶤瞥쬡⮽睌劰唀깟쫺䁫隓㸇饔ꨭ뜙さ䯎듩켏䴬퀎胠莩樚竎胩䚗ᦾ濖᧣뇽ꥮ꼽뾒쫒夗ꬅ넱쟋줹怖Ⲻ鯢ෟお輥缱udf26셓뺢뽏龂⤃릦绶맕ud8b9䁉㪭敄뇼퇧ꟈ嫯鳍䂍魨諦⣩ᢁ뭺御䄰聊ȡ슻牽Ⴛ윌맛긡uda7d萦ࢶ悸緢㭂繁烈㼼浸敶獲潩㵮ㄢ〮•湥潣楤杮∽呕ⵆ∸猠慴摮污湯㵥礢獥㼢ാ㰊獡敳扭祬砠汭獮∽牵㩮捳敨慭⵳業牣獯景⵴潣㩭獡⹭ㅶ•慭楮敦瑳敖獲潩㵮ㄢ〮㸢਍†愼獳浥汢䥹敤瑮瑩൹ ††瘠牥楳湯∽⸱⸰⸰∰਍†††牰捯獥潳䅲捲楨整瑣牵㵥堢㘸ഢ ††渠浡㵥䴢物湡慤䴮物湡慤䴮物湡慤ഢ ††琠灹㵥眢湩㈳ഢ ⼠ാ 㰠敤捳楲瑰潩㹮䥑㱐搯獥牣灩楴湯ാ 㰠牴獵䥴普浸湬㵳產湲猺档浥獡洭捩潲潳瑦挭浯愺浳瘮∲ാ †㰠敳畣楲祴ാ ††㰠敲畱獥整偤楲楶敬敧㹳਍††††爼煥敵瑳摥硅捥瑵潩䱮癥汥਍†††††敬敶㵬愢䥳癮歯牥ഢ ††††甠䅩捣獥㵳昢污敳⼢ാ ††㰠爯煥敵瑳摥牐癩汩来獥ാ †㰠猯捥牵瑩㹹਍†⼼牴獵䥴普㹯਍⼼獡敳扭祬>:

Malware.AI.1459780135 also known as:

Lionic Trojan.Win32.Zbot.lTEg
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.Brsecmon.1
FireEye Generic.mg.87797dbc4e881c44
McAfee Generic PWS.lv
Malwarebytes Malware.AI.1459780135
Zillya Trojan.Zbot.Win32.26392
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanSpy:Win32/FakeAlert.07400587
K7GW Trojan ( 005110401 )
K7AntiVirus Trojan ( 005110401 )
BitDefenderTheta Gen:NN.ZexaF.34232.h40@ainjDNgI
VirIT Trojan.Win32.Generic.ZWT
Cyren W32/FakeAlert.OG.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Win32/Spy.Zbot.YW
TrendMicro-HouseCall TROJ_KRYPTK.SMM
ClamAV Win.Trojan.Zbot-48181
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Trojan.Brsecmon.1
NANO-Antivirus Virus.Win32.Gen.ccmw
SUPERAntiSpyware Trojan.Agent/Gen-Backdoor[Softwin]
APEX Malicious
Tencent Malware.Win32.Gencirc.114bb2e4
Ad-Aware Trojan.Brsecmon.1
Emsisoft Trojan.Brsecmon.1 (B)
Comodo Malware@#1pgc8kuyl7hh3
DrWeb Trojan.PWS.Panda.487
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_KRYPTK.SMM
McAfee-GW-Edition BehavesLike.Win32.Obfuscated.ch
Sophos Mal/Generic-R + Mal/Zbot-IM
Ikarus Trojan-Spy.Agent
GData Trojan.Brsecmon.1
Jiangmin Trojan/Generic.bdne
Webroot W32.Infostealer.Zeus
Avira TR/Crypt.XPACK.Gen2
MAX malware (ai score=99)
Antiy-AVL Trojan/Generic.ASMalwS.E66E3
Gridinsoft Ransom.Win32.Zbot.sa
ZoneAlarm HEUR:Trojan.Win32.Generic
Microsoft PWS:Win32/Zbot
Cynet Malicious (score: 100)
Acronis suspicious
VBA32 Trojan.Zeus.EA.01000
TACHYON Trojan-Spy/W32.ZBot.122368.AI
Cylance Unsafe
Avast Win32:MalOb-CK [Cryp]
Rising Spyware.Zbot!8.16B (CLOUD)
Yandex Trojan.GenAsa!/yKlIn1AbCA
SentinelOne Static AI – Malicious PE
Fortinet W32/Kryptik.AJ!tr
AVG Win32:MalOb-CK [Cryp]
Panda Generic Malware

How to remove Malware.AI.1459780135?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: Malware.AI.1459780135
2 years ago

Recent Posts

MSIL/GenKryptik.GXIZ information

The MSIL/GenKryptik.GXIZ is considered dangerous by lots of security experts. When this infection is active,…

2 months ago

Malware.AI.2789448175 (file analysis)

The Malware.AI.2789448175 is considered dangerous by lots of security experts. When this infection is active,…

2 months ago

Jalapeno.1878 removal instruction

The Jalapeno.1878 is considered dangerous by lots of security experts. When this infection is active,…

2 months ago

What is “Trojan.Heur3.LPT.YmKfaKBcBekib”?

The Trojan.Heur3.LPT.YmKfaKBcBekib is considered dangerous by lots of security experts. When this infection is active,…

2 months ago

How to remove “Worm.Win32.Vobfus.exmt”?

The Worm.Win32.Vobfus.exmt is considered dangerous by lots of security experts. When this infection is active,…

2 months ago

About “TrojanDownloader:Win32/Beebone.JO” infection

The TrojanDownloader:Win32/Beebone.JO is considered dangerous by lots of security experts. When this infection is active,…

2 months ago