
How to remove “Malware.AI.1461730325”?

Malware.AI.1461730325 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1461730325 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Stores JavaScript or a script command in the registry, likely for fileless persistence

How to identify Malware.AI.1461730325?


File Info:

name: 923B78169D65F32B00F9.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2001-01-09 14:09:05

Version Info:

0: [No Data]

Malware.AI.1461730325 also known as:

Lionic: Trojan.MSIL.Agensla.i!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.StealerNET.69
Cynet: Malicious (score: 99)
FireEye: Dropped:Generic.Malware.LUg.EE005D06
ALYac: Dropped:Generic.Malware.LUg.EE005D06
Cylance: Unsafe
BitDefender: Dropped:Generic.Malware.LUg.EE005D06
BitDefenderTheta: Gen:NN.ZevbaF.34182.dm0@aOpMY0li
Cyren: W32/Trojan.PNGD-3769
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/WinSpy potentially unsafe
Paloalto: generic.ml
ClamAV: Win.Malware.Ursu-9883073-0
Kaspersky: UDS:Trojan-PSW.MSIL.Agensla.gen
Alibaba: Worm:Win32/vobfus.1030
NANO-Antivirus: Trojan.Win32.Agensla.igwvin
MicroWorld-eScan: Dropped:Generic.Malware.LUg.EE005D06
Rising: Trojan.Generic/MSIL@AI.93 (RDM.MSIL:WZls2LvpEI43NyULG5RLdQ)
Emsisoft: Dropped:Generic.Malware.LUg.EE005D06 (B)
McAfee-GW-Edition: RDN/Generic PWS.y
Sophos: Mal/Generic-S
Avira: HEUR/AGEN.1203310
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Dropped:Generic.Malware.LUg.EE005D06
McAfee: Artemis!923B78169D65
MAX: malware (ai score=86)
VBA32: BScope.TrojanPSW.MSIL.Agensla
Malwarebytes: Malware.AI.1461730325
Tencent: Msil.Trojan-spy.Agent.Hqlf
SentinelOne: Static AI – Suspicious SFX
AVG: Win32:PWSX-gen [Trj]
Cybereason: malicious.69d65f
Avast: Win32:PWSX-gen [Trj]

How to remove Malware.AI.1461730325?

Malware.AI.1461730325 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
