
Malware.AI.1564431414 malicious file

Malware Removal

Malware.AI.1564431414 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1564431414 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Attempts to remove evidence of file being downloaded from the Internet
  • Installs itself for autorun at Windows startup
  • Exhibits behavior characteristic of Nanocore RAT
  • Collects information to fingerprint the system

How to identify Malware.AI.1564431414?


File Info:

crc32: 1BD70841
md5: bb3968df651a559885d77f8d4c8b7007
name: BB3968DF651A559885D77F8D4C8B7007.mlw
sha1: 0ac01bd0feb41d80dbf5e5b3e3e0757040e2b990
sha256: 4dad996e2551b4fddac2169a37bda0f28ba59b215a7858bace7bc53f5ee1e861
sha512: bd9a8ac2c2e95918cb2d95d8a36ec6a11396c42bf553960f9ceecd32ef3ca86c4bde496e3c9224e9ee27396dcbea66902165de1c9555514bcaad788166cf185c
ssdeep: 24576:LmoO8it5X32wHfZMYthkZjPzcd54MvbPtL:K/PZrtUPzm401L
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Malware.AI.1564431414 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Trojan.Rasftuby.Gen.14
FireEye: Generic.mg.bb3968df651a5598
McAfee: Artemis!BB3968DF651A
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00526c241 )
BitDefender: Trojan.Rasftuby.Gen.14
K7GW: Trojan ( 00526c241 )
Cybereason: malicious.f651a5
Cyren: W32/S-e8958863!Eldorado
Symantec: Ransom.Wannacry
ESET-NOD32: a variant of Generik.EKYAEWK
APEX: Malicious
Avast: FileRepMalware
ClamAV: Win.Dropper.DarkKomet-9368690-0
Kaspersky: Trojan.MSIL.Crypt.gcqz
Alibaba: Malware:Win32/Dorpal.ali1000029
NANO-Antivirus: Trojan.Win32.Crypt.exyjkp
AegisLab: Trojan.Win32.Generic.4!c
Ad-Aware: Trojan.Rasftuby.Gen.14
Emsisoft: Trojan.Rasftuby.Gen.14 (B)
Comodo: Malware@#1ou2m14hqgglo
F-Secure: Trojan.TR/Rasftuby.iscks
McAfee-GW-Edition: BehavesLike.Win32.AdwareLinkury.dh
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
Avira: TR/Rasftuby.iscks
Microsoft: Trojan:Win32/Tiggre!rfn
Arcabit: Trojan.Rasftuby.Gen.14
ZoneAlarm: Trojan.MSIL.Crypt.gcqz
GData: Trojan.Rasftuby.Gen.14
Cynet: Malicious (score: 100)
VBA32: Trojan.MSIL.Crypt
ALYac: Trojan.Rasftuby.Gen.14
Malwarebytes: Malware.AI.1564431414
Panda: Trj/CI.A
Tencent: Msil.Trojan.Crypt.Pfsz
MAX: malware (ai score=100)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic.AC.3f1c93
AVG: FileRepMalware
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_70% (D)
Qihoo-360: Win32/Trojan.Crypt.HgIASOQA

How to remove Malware.AI.1564431414?

Malware.AI.1564431414 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
