Malware.AI.1511372045 removal guide

Malware.AI.1511372045 is the Malwarebytes detection name for the sample described on this page; nearly every engine in the multi-vendor listing below flags the same file as malicious. When this infection is active you may notice unwanted processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1511372045 virus do?

The following are the CAPE sandbox signatures that fired on the sample whose file details are given below. They are heuristics, not a confirmed list of capabilities: each one names a behaviour or static property that is common in malware but can also appear in legitimately packed or protected software.

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Unconventional language used in binary resources: Spanish (Honduras)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers
  • Likely virus infection of existing system binary

Taken together, the unpacking, RWX memory, dynamic import resolution and packed-section indicators describe a packed or protected executable that decrypts its real payload at run time. The invalid Authenticode signature and the "infection of existing system binary" signature point to a legitimate program that has been modified or repacked rather than an original build. The browser information-stealing signature is the one that matters most for what you do after removal.

How to identify Malware.AI.1511372045?

File Info:

name: F9B26A27239856C6373E.mlw
path: /opt/CAPEv2/storage/binaries/cccebf92a4b618d0fc75bbbb9b1ca438c955f56f6c20efd2e4c9546395c7e0a9
crc32: 87272E7A
md5: f9b26a27239856c6373e4394743789d7
sha1: 070f1ae1e58539ad06f63f70ae965405593e6a54
sha256: cccebf92a4b618d0fc75bbbb9b1ca438c955f56f6c20efd2e4c9546395c7e0a9
sha512: d902c770b6fa7945d8c241a1e73067d3b954c861bdde92f0594972ffa0f49d7d723688ee558092e3e2fc5d3c770cc606bb543b8c2bd0363f3e5dbb6392643d37
ssdeep: 49152:+g6I4Dwr54bh5b4S1PB/xdKTWiAM+MNBxLd3Z88dA7wpN:+lI4DwNorb42N3KaiAM+MNjLdpA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D8C5BF0727ECD871D6738079C8570EFD0B2A7C23DA25D44723E27C1E79F1AA9A960366
sha3_384: 266de961cb383d35cd1235bc05122ad589d2e22cd912372621965e6e930cf1fc7c29e7ffe259d27dba9f56060b633901
ep_bytes: 558bec6aff68e88a570068f465570064
timestamp: 2021-11-27 00:01:56

The md5, sha1, sha256, sha512 and sha3_384 values identify this exact file and change completely if a single byte is altered; ssdeep and tlsh are fuzzy hashes that stay similar across closely related builds of the same code, which is what you want when hunting for repacked variants. ep_bytes are the first 16 bytes at the entry point: 55 8b ec 6a ff 68 ... 68 ... 64 is the standard Visual C++ function prologue that pushes -1 and two addresses and then reads fs:[0], i.e. it sets up a structured exception handling frame, so on its own it does not identify this sample. The timestamp is most likely the PE header TimeDateStamp and should be compared with the Last Compile value in the version information below.

Version Info:

CompanyName: Vincenzo Iuorno
FileDescription: LookDisk
FileVersion: 5.4.0.68
InternalName: LookDisk
LegalCopyright: Copyright by Vincenzo Iuorno
LegalTrademarks:
OriginalFilename:
ProductName: LookDisk
ProductVersion: 5.4
Comments:
Last Compile: 2012-04-06 17:44
Translation: 0x0409 0x04e4

The version resource says this is LookDisk 5.4 by Vincenzo Iuorno with an English (0x0409) translation block. Do not take that at face value: the Authenticode signature is invalid, the header timestamp (2021-11-27) does not agree with the Last Compile value (2012-04-06), and the sandbox found a Spanish (Honduras) resource that an English-language build would not normally carry. Version information is plain data that any packer or dropper can copy from a legitimate program, so here it is useful only as a pivot (which benign LookDisk builds look like this?), not as an identification.
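
As an added example (not code from this page, from CAPE or from GridinSoft), the script below reproduces with the Python standard library the checks a responder would run on a suspect file against the File Info above and the static items in the signature list (unknown PE section name, encrypted or compressed data, entry-point bytes, header timestamp). It hashes the file with the same five exact algorithms, reports which published IOC hash matched, parses the PE32 header to pull the 16 entry-point bytes and the section table, and flags section names outside the usual toolchain set as well as sections whose Shannon entropy is near 8 bits per byte. The 7.0 entropy cut-off, the known-section list and the reading of the page's timestamp field as the PE header TimeDateStamp are assumptions. The real sample is not included: build_sample_pe() constructs a small stand-in image that reuses only the page's ep_bytes and timestamp values so the parser can be exercised offline.

```python
import hashlib
import math
import struct
from collections import Counter
from datetime import datetime, timezone

IOC_HASHES = {  # exact hashes copied from the File Info section above
    "md5": "f9b26a27239856c6373e4394743789d7",
    "sha1": "070f1ae1e58539ad06f63f70ae965405593e6a54",
    "sha256": "cccebf92a4b618d0fc75bbbb9b1ca438c955f56f6c20efd2e4c9546395c7e0a9",
}
EXPECTED_EP_BYTES = "558bec6aff68e88a570068f465570064"  # ep_bytes from the page
# Assumed list of section names a stock Windows toolchain emits; others hint at packing.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".rsrc", ".reloc", ".bss", ".tls"}
ENTROPY_PACKED_THRESHOLD = 7.0  # bits per byte; assumed cut-off, tune per corpus

def compute_hashes(data):
    """The five exact hashes the page lists, as lowercase hex."""
    return {n: getattr(hashlib, n)(data).hexdigest()
            for n in ("md5", "sha1", "sha256", "sha512", "sha3_384")}

def match_iocs(data, iocs=IOC_HASHES):
    """Names of the algorithms whose IOC value equals this file's digest."""
    digests = compute_hashes(data)
    return sorted(n for n, v in iocs.items() if digests.get(n) == v.lower())

def shannon_entropy(blob):
    """Bits per byte; values near 8.0 mean compressed or encrypted content."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())

def parse_pe32(data):
    """Minimal PE32 reader: header timestamp, entry point RVA and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    _, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24  # optional header follows the 20-byte COFF header
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 optional headers are handled here")
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i  # 40-byte IMAGE_SECTION_HEADER entries
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append({"name": name, "va": va, "vsize": vsize, "rawptr": rawptr,
                         "rawsize": rawsize, "entropy": shannon_entropy(data[rawptr:rawptr + rawsize])})
    return {"timestamp": ts, "ep_rva": ep_rva, "sections": sections}

def rva_to_offset(rva, sections):
    for s in sections:  # map a relative virtual address to a file offset
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["rawsize"]):
            return rva - s["va"] + s["rawptr"]
    raise ValueError("RVA 0x%x lies outside every section" % rva)

def triage(data):
    """Static indicators in the style of the CAPE signature list above."""
    pe = parse_pe32(data)
    ep_off = rva_to_offset(pe["ep_rva"], pe["sections"])
    ep_bytes = data[ep_off:ep_off + 16].hex()
    when = datetime.fromtimestamp(pe["timestamp"], tz=timezone.utc)
    return {
        "hashes": compute_hashes(data),
        "ioc_matches": match_iocs(data),  # non-empty means this exact sample
        "ep_bytes": ep_bytes,
        "ep_matches_page": ep_bytes == EXPECTED_EP_BYTES,
        "timestamp": when.strftime("%Y-%m-%d %H:%M:%S"),
        "unknown_sections": [s["name"] for s in pe["sections"]
                             if s["name"] not in KNOWN_SECTIONS],
        "high_entropy_sections": [s["name"] for s in pe["sections"]
                                  if s["entropy"] >= ENTROPY_PACKED_THRESHOLD],
    }

def build_sample_pe():
    """Constructed stand-in (the real sample is not reproduced): a two-section PE32 with
    the page's ep_bytes at the entry point, the page's timestamp, and a packer-style
    second section filled with maximally high-entropy data."""
    ep = bytes.fromhex(EXPECTED_EP_BYTES)
    text = ep + b"\0" * (0x200 - len(ep))
    packed = bytes(range(256)) * 2  # entropy is exactly 8.0 bits per byte
    dos = bytearray(b"MZ").ljust(64, b"\0")
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 1637971316, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)  # AddressOfEntryPoint
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)  # ImageBase, alignments
    def sec(name, va, rawptr, size):
        return name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", size, va, size, rawptr, 0, 0, 0, 0, 0x60000020)
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt)
               + sec(b".text", 0x1000, 0x200, 0x200) + sec(b"UPX1", 0x2000, 0x400, 0x200))
    return headers.ljust(0x200, b"\0") + text + packed
```

Call triage(open(path, "rb").read()) on a real file, or triage(build_sample_pe()) to see the stand-in flagged for its UPX1 section name and 8.0-bit entropy. A non-empty ioc_matches is a confirmed hit on this exact sample; an ep_bytes match alone is not, since the same compiler prologue appears in countless Visual C++ binaries. ssdeep and tlsh, the fuzzy hashes in the File Info, need third-party libraries and are deliberately left out.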

Malware.AI.1511372045 is also detected as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Injuke.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.409295
FireEye: Generic.mg.f9b26a27239856c6
McAfee: GenericRXRA-AD!F9B26A272398
Cylance: Unsafe
K7AntiVirus: Trojan ( 005690671 )
BitDefender: Gen:Variant.Zusy.409295
K7GW: Trojan ( 005690671 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HLIQ
TrendMicro-HouseCall: TROJ_GEN.R002C0WL821
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Injuke.gen
Alibaba: Trojan:Win32/Injuke.f160fe84
Rising: Trojan.Generic@ML.94 (RDML:fFvIZZRMjZiQncD0XDB4SQ)
Ad-Aware: Gen:Variant.Zusy.409295
Emsisoft: Gen:Variant.Zusy.409295 (B)
DrWeb: Trojan.Siggen16.1755
TrendMicro: TROJ_GEN.R002C0WL821
Sophos: Mal/Generic-S
APEX: Malicious
Avira: HEUR/AGEN.1142521
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Win32.Trojan.PSE.1IAKRUN
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win.Generic.R456374
ALYac: Gen:Variant.Zusy.409295
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.1511372045
Panda: Trj/CI.A
Tencent: Win32.Trojan.Injuke.Efug
Yandex: Trojan.Injuke!080FsGqZE0Y
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Kryptik.HATU!tr
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_70% (W)

Most of these are generic, heuristic or machine-learning verdicts (Zusy, Injuke, Kryptik, Sabsik, "generic.ml", "Static AI", "malicious_confidence_70%") rather than a named family, which is consistent with the packing indicators above: the engines agree that the file is packed and malicious, not on what it is. Kaspersky's Injuke and ESET's Kryptik names are the ones to pivot on if you need related samples.

How to remove Malware.AI.1511372045?

Malware.AI.1511372045 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options you want, then click “Reset”.
  • Restart your computer.

Because one of the sandbox signatures for this sample is theft of private information from local browsers, removal alone is not enough. Once the scan comes back clean, change every password that was saved in or typed into a browser on the machine, sign out of active sessions for those accounts where the service offers it, and confirm that no file with the sha256 listed above remains on the system.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.