Should I remove “Malware.AI.1539920257”?

Malware.AI.1539920257 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1539920257 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Malware.AI.1539920257?

File Info:

name: CBEBFBF5B1DE1B0CE220.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2056-05-01 03:22:22

Version Info:

Translation: 0x0000 0x04b0
Comments: A simple fun little tool
CompanyName: AppleSoft
FileDescription: Jackbit
FileVersion: 1.3.3.7
InternalName: R.I.P DDoser.exe
LegalCopyright: Copyright © Ozz 2022
LegalTrademarks: OzzSoft
OriginalFilename: R.I.P DDoser.exe
ProductName: Jackbit
ProductVersion: 1.3.3.7
Assembly Version: 1.3.3.7

Malware.AI.1539920257 is also known as:

MicroWorld-eScan: Trojan.GenericKD.49052605
ALYac: Trojan.GenericKD.49052605
Cylance: Unsafe
Sangfor: Trojan.MSIL.BitStealer.gen
K7AntiVirus: Trojan ( 00593d691 )
Alibaba: TrojanBanker:MSIL/BitStealer.cbd776db
K7GW: Trojan ( 00593d691 )
Cyren: W32/ABRisk.DWNI-5715
ESET-NOD32: MSIL/ClipBanker.ABJ
APEX: Malicious
Kaspersky: HEUR:Trojan-Banker.MSIL.BitStealer.gen
BitDefender: Trojan.GenericKD.49052605
Avast: Win32:BankerX-gen [Trj]
Tencent: Msil.Trojan-banker.Bitstealer.Tcvz
Ad-Aware: Trojan.GenericKD.49052605
DrWeb: Trojan.PWS.Stealer.33427
TrendMicro: TROJ_GEN.R002C0PEQ22
McAfee-GW-Edition: RDN/PWS-Banker
FireEye: Trojan.GenericKD.49052605
Emsisoft: Trojan.GenericKD.49052605 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.49052605
Avira: TR/BitStealer.avgnz
MAX: malware (ai score=85)
ViRobot: Trojan.Win32.Z.Agent.314880.LE
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.C5141083
McAfee: RDN/PWS-Banker
Malwarebytes: Malware.AI.1539920257
TrendMicro-HouseCall: TROJ_GEN.R002C0PEQ22
Ikarus: Trojan.MSIL.ClipBanker
MaxSecure: Trojan.Malware.74197676.susgen
Fortinet: PossibleThreat
BitDefenderTheta: Gen:NN.ZemsilF.34712.tm0@aiIUZum
AVG: Win32:BankerX-gen [Trj]

How to remove Malware.AI.1539920257?

Malware.AI.1539920257 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.