Malware.AI.155306647 removal

Malware.AI.155306647 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to perform a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.155306647 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.155306647?

File Info:

name: 9F9EC1A5DFDC93D9963A.mlw
path: /opt/CAPEv2/storage/binaries/3f75b9fe0232223fe2248d723c0e4566b1742a29c469d9cb025346d4986bd550
crc32: EA42FF30
md5: 9f9ec1a5dfdc93d9963a4da88d5ac58f
sha1: 0e66196e63806a543564546f1d4f6113a6a54fb9
sha256: 3f75b9fe0232223fe2248d723c0e4566b1742a29c469d9cb025346d4986bd550
sha512: 1af68e8df188652a0f17bbedcd4fe11c76d6d6c18ecbf418463f418e03491e992cce62f9f71248c58ced0068bf5aa46edd2315bfd20ddc7ea9450266ef785ec8
ssdeep: 98304:uLUVog9Rn8rH1gv/G3LKPf5bnwcsoj1dT+teAzicIwshzyhxxJ49pegRAYb:ulg9a691Hj1dT+teAufwshzAE9R
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2967D13F2C5503AC06B0A3A583B9654593FBB702A1A8D6F37F8594C4F35A407E3AE5B
sha3_384: ccc9a1317951f6e628258665ed6dd8600b9b98a586d982a5c7d9f8eece8c46b13852d374f5970dd183c5aa1d839f6eda
ep_bytes: 558bec83c4f0b8e8c1b900e810f085ff
timestamp: 2022-04-19 14:14:01

Version Info:

CompanyName: OkkornShouzzen App Soulderbag
FileDescription: OkkornShouzzen App Soulderbag
FileVersion: 142.768.5678.5
InternalName: OkkornShouzzen App Soulderbag
LegalCopyright: OkkornShouzzen Copyright (C)
LegalTrademarks: OkkornShouzzen Copyright (C)
OriginalFilename: OkkornShouzzen App Soulderbag
ProgramID: OkkornShouzzen App Soulderbag
ProductName: OkkornShouzzen App Soulderbag
ProductVersion: 142.768.5678.5
Comments: OkkornShouzzen App Soulderbag
Translation: 0x0409 0x04e4

Malware.AI.155306647 also known as:

Lionic: Trojan.Win32.Banbra.7!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.50194642
ALYac: Trojan.GenericKD.50194642
Cylance: Unsafe
Sangfor: Trojan.Win32.Banbra.gen
K7AntiVirus: Trojan-Downloader ( 005923a71 )
Alibaba: TrojanBanker:Win32/Banbra.a0575e2c
K7GW: Trojan-Downloader ( 005923a71 )
Cyren: W32/Banload.FS.gen!Eldorado
ESET-NOD32: a variant of Win32/TrojanDownloader.Banload.YTX
Paloalto: generic.ml
ClamAV: Win.Ircbot.Ircbot-9950815-0
Kaspersky: HEUR:Trojan-Banker.Win32.Banbra.gen
BitDefender: Trojan.GenericKD.50194642
Avast: Win32:BankerX-gen [Trj]
Rising: Trojan.Generic@AI.100 (RDML:ydTDNVoLcYgj6cqNxaCazw)
Ad-Aware: Trojan.GenericKD.50194642
Emsisoft: Trojan.GenericKD.50194642 (B)
F-Secure: Trojan.TR/Banbra.qcipw
Zillya: Downloader.Banload.Win32.101150
TrendMicro: TROJ_GEN.R002C0WDS22
McAfee-GW-Edition: BehavesLike.Win32.Dropper.th
FireEye: Trojan.GenericKD.50194642
Sophos: Mal/Generic-R
Ikarus: Trojan-Downloader.Win32.Banload
GData: Trojan.GenericKD.50194642
Avira: TR/Banbra.qcipw
MAX: malware (ai score=85)
Arcabit: Trojan.Generic.D2FDE8D2
ZoneAlarm: HEUR:Trojan-Banker.Win32.Banbra.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.R488058
McAfee: Artemis!9F9EC1A5DFDC
VBA32: TScope.Trojan.Delf
Malwarebytes: Malware.AI.155306647
TrendMicro-HouseCall: TROJ_GEN.R002C0WDS22
Tencent: Win32.Trojan-downloader.Banload.Hxqk
MaxSecure: Trojan.Malware.11586831.susgen
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZelphiF.34712.@V0@aakEDSgU
AVG: Win32:BankerX-gen [Trj]

How to remove Malware.AI.155306647?

Malware.AI.155306647 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.