
Malware.AI.151611092 removal guide


Malware.AI.151611092 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.151611092 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.151611092?


File Info:

name: DB4B9285E188D692B443.mlw
path: /opt/CAPEv2/storage/binaries/381221d1e01ab41d848e4becbd9d75e9ad859c7f52140f1891f27bc3cadb7c3a
crc32: 92835093
md5: db4b9285e188d692b443461af2fc2bdc
sha1: 11f950a8ac92be3ac3d5b2ed956fc5eda67b844b
sha256: 381221d1e01ab41d848e4becbd9d75e9ad859c7f52140f1891f27bc3cadb7c3a
sha512: 11175699ef51af72636decca4d3648a82d6f0197e2d69686d84234ea3bbcdef709ed5ee31b7e174fa7d04865a6f702a0debcd04b0bee92d3fc810ac039a3b932
ssdeep: 6144:mxnG0J1pTltXkBvVHsDvYHkXmfZKf7FAQ/2sBPdysVjRfDudr6SEJ:WTvXkBvODvekXmfZMA2JBPJ+5EJ
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T123742266CB40AF9CE2AAE231B22383155B57DC8545358A9423DCBD5BCF773E4981E332
sha3_384: df9ab8085a9e6c0aa9f6395da1c17e23fd5bd9a251d9afe9d862a8cd34fd57e408d54fd9e7842861416ba96bc885176c
ep_bytes: b8044059005064ff3500000000648925
timestamp: 2023-06-09 11:40:59

Version Info:

FileDescription: Setup/Uninstall
FileVersion: 51.1052.0.0
Comments: This installation was built with Inno Setup.
CompanyName: Telegram FZ-LLC
LegalCopyright: Telegram FZ-LLC 2014-2023
OriginalFileName:
ProductName: Telegram Desktop
ProductVersion: 4.6.5
Translation: 0x0000 0x04b0

Malware.AI.151611092 also known as:

Bkav: W32.Common.2BA9FB00
Lionic: Trojan.Win32.Jaik.4!c
MicroWorld-eScan: Gen:Variant.Jaik.149760
FireEye: Gen:Variant.Jaik.149760
Skyhigh: RDN/Generic PWS.y
McAfee: RDN/Generic PWS.y
Cylance: unsafe
Sangfor: Infostealer.Win32.Agent.Ve1d
K7AntiVirus: Password-Stealer ( 0059b7251 )
Alibaba: TrojanPSW:Win32/MalwareX.2e968587
K7GW: Password-Stealer ( 0059b7251 )
Cybereason: malicious.5e188d
BitDefenderTheta: Gen:NN.ZexaF.36802.wi0aaqsI2ngi
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/PSW.Agent.OPS
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0PCK24
Kaspersky: UDS:Trojan-PSW.Win32.QQPass.gen
BitDefender: Gen:Variant.Jaik.149760
Avast: Win32:MalwareX-gen [Trj]
Tencent: Win32.Trojan.Psw.Gdhl
Emsisoft: Gen:Variant.Jaik.149760 (B)
F-Secure: Trojan.TR/PSW.Agent.farch
VIPRE: Gen:Variant.Jaik.149760
TrendMicro: TROJ_GEN.R002C0PCK24
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S (PUA)
Jiangmin: Trojan.PSW.QQPass.bds
ALYac: Gen:Variant.Jaik.149760
Avira: TR/PSW.Agent.farch
Antiy-AVL: Trojan/Win32.Wacatac
Kingsoft: Win32.Troj.Agent.cks
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Jaik.D24900
ZoneAlarm: UDS:Trojan-PSW.Win32.QQPass.gen
GData: Gen:Variant.Jaik.149760
Cynet: Malicious (score: 99)
Google: Detected
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.151611092
Rising: Stealer.Agent!8.C2 (TFE:5:tqhUbjhQy4D)
Ikarus: Trojan-PSW.Agent
MaxSecure: Trojan.Malware.209908134.susgen
Fortinet: W32/Agent.OPS!tr.pws
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.151611092?

Malware.AI.151611092 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
