Should I remove “Malware.AI.149779665”?

Many security experts consider Malware.AI.149779665 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.149779665 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Presents an Authenticode digital signature
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Deletes its original binary from disk
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Creates a slightly modified copy of itself

How to identify Malware.AI.149779665?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: 作者版权所有 请尊重并使用正版
FileVersion: 1.0.0.0
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
ProductName: Windows 核心进程
ProductVersion: 1.0.0.0
FileDescription: Windows 配置程序
Translation: 0x0804 0x04b0

Malware.AI.149779665 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 00521b151 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader30.33448
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.GenericRI.S23102915
ALYac: Gen:Variant.Jaik.44597
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (D)
K7GW: Trojan ( 00521b151 )
Cybereason: malicious.66b108
Cyren: W32/FlyAgent.C.gen!Eldorado
Symantec: Backdoor.Zegost
ESET-NOD32: a variant of Win32/Flyagent.NGX
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Dropper.Gh0stRAT-9789289-0
Kaspersky: HEUR:Trojan.Win32.Siscos.gen
BitDefender: Gen:Variant.Fragtor.42482
NANO-Antivirus: Virus.Win32.Agent.dvixmz
MicroWorld-eScan: Gen:Variant.Fragtor.42482
Tencent: Malware.Win32.Gencirc.10cf88b3
Ad-Aware: Gen:Variant.Fragtor.42482
Sophos: Generic ML PUA (PUA)
BitDefenderTheta: Gen:NN.ZexaF.34294.WmMfaC19gaab
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.bc
FireEye: Generic.mg.feb4e0f66b108fce
Emsisoft: Gen:Variant.Fragtor.42482 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Agent.dquz
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.34D1069
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Win32.Application.PUPStudio.A
AhnLab-V3: Trojan/Win32.Generic.C1664814
Acronis: suspicious
McAfee: Flyagent.d
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Dynamer
Malwarebytes: Malware.AI.149779665
Rising: Trojan.Kryptik!1.AAD1 (CLASSIC)
Yandex: Trojan.GenAsa!UMACS2Wk+V8
Ikarus: Trojan.Win32.FlyAgent
MaxSecure: Dropper.Dinwod.frindll
Fortinet: W32/CoinMiner.BELF!tr
AVG: Win32:Trojan-gen

How to remove Malware.AI.149779665?

Malware.AI.149779665 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
