Malware.AI.1536636836 removal instruction

Malware.AI.1536636836 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1536636836 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Checks the version of Bios, possibly for anti-virtualization
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Deletes executed files from disk
  • Collects information to fingerprint the system
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1536636836?

File Info:

name: 5582DB19CA80C2B277AD.mlw
path: /opt/CAPEv2/storage/binaries/11c03de94bfcd5f9883343550f0d07cb92da973043153d9634d476a8a36c90e2
crc32: BD99121E
md5: 5582db19ca80c2b277ad526211a689e1
sha1: c631f2ea2168a77f4efe79e19144c1445cfdd004
sha256: 11c03de94bfcd5f9883343550f0d07cb92da973043153d9634d476a8a36c90e2
sha512: 6f238549e9b11247976105ea340104336285bf0d2951982b1f9df020243d3d1856d19ae7f108d4de0d7c6597d3030ba75b94aa5b16d1d7418b6aeca375ad98b2
ssdeep: 3072:6ZQzzq454b+MZAartphR64d+NlcWuflXqQTS6FlBIt/Bv:2yzqq4CMyarzgl2f/TJxOBv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T106055C237CCD99F8D3542C7C0D96EC2C971AB79B61264DC1F5D8431A4FAA20BD4878BA
sha3_384: 99930315735e97acde6eac2c0473f2d840063c5002eacbbf7f52cf0836328feb56590c851d25b3d899602f11ad965ab3
ep_bytes: 6a6068a8ab4b00e818160000bf940000
timestamp: 2012-12-24 15:47:29

Version Info:

0: [No Data]

Malware.AI.1536636836 also known as:

Lionic: Trojan.Win32.Generic.lIKC
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Symmi.30841
CAT-QuickHeal: TrojanDropper.Vundo.AB3
ALYac: Gen:Variant.Symmi.30841
Malwarebytes: Malware.AI.1536636836
VIPRE: Gen:Variant.Symmi.30841
Sangfor: Suspicious.Win32.Evo.atgen
CrowdStrike: win/malicious_confidence_90% (D)
VirIT: Trojan.Win32.DownLoader7.WBW
Cyren: W32/Agent.AEB.gen!Eldorado
Symantec: Packed.Generic.455
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.BESX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Symmi.30841
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10b451bf
Emsisoft: Gen:Variant.Symmi.30841 (B)
F-Secure: Trojan.TR/Vundo.Gen
DrWeb: Trojan.DownLoader7.14920
Zillya: Trojan.Pirminay.Win32.3155
McAfee-GW-Edition: BehavesLike.Win32.Generic.cm
FireEye: Generic.mg.5582db19ca80c2b2
Sophos: Mal/EncPk-ACWD
GData: Gen:Variant.Symmi.30841
Jiangmin: Trojan/Generic.azpdd
Webroot: W32.Rogue.Gen
Avira: TR/Vundo.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.AGeneric
Kingsoft: malware.kb.a.999
Xcitium: TrojWare.Win32.ZPACK.BCDQ@54vvo4
Arcabit: Trojan.Symmi.D7879
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Vundo
Google: Detected
AhnLab-V3: Trojan/Win32.Symmi.R89794
McAfee: Corrupt-SQ!5582DB19CA80
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Vundo!8.4FC (TFE:5:ukEeBSS9hxH)
Yandex: Trojan.Kryptik!DYKj3rtIu9M
Ikarus: Trojan.Win32.Pirminay
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Ponmocup.GA!tr
BitDefenderTheta: Gen:NN.ZexaF.36738.1mX@aqaxECj
AVG: Win32:Trojan-gen
Cybereason: malicious.a2168a
DeepInstinct: MALICIOUS

How to remove Malware.AI.1536636836?

Malware.AI.1536636836 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.