Malware

Malware.AI.1573126262 (file analysis)

Malware Removal

Malware.AI.1573126262 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1573126262 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Malware.AI.1573126262?

File Info:

name: 6B5C53378B61E01AA994.mlw
path: /opt/CAPEv2/storage/binaries/42dbfdc42bef8007a32958083bb5614badc49d0ece4b1a2cdc3bba2ebcb4ad8a
crc32: 4D8AE361
md5: 6b5c53378b61e01aa994ae69497f693f
sha1: 5f10cfbd48b86b01a088b3b98b810e79ace24f83
sha256: 42dbfdc42bef8007a32958083bb5614badc49d0ece4b1a2cdc3bba2ebcb4ad8a
sha512: ace1c2c68db430a02f300576166d63f33041483426caf400f9b8f84c883ae45c2691df7b91940166d5535ccb2bb2eb04f0cefb16e07c5c13d3abe572a9a62a17
ssdeep: 6144:+Qx2yLrAPfl9d9ELMrZc7SqZl4JA7P66HrAPfl9d9ELMrZc7SAS:JHPAXjd9ELMu7iJdoAXjd9ELMu7G
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19AA49E83F7915779C9E58672702A01710F327D398386F65A34CC7B2B28B23138B2666F
sha3_384: f0c16e0fa0694e85c367ff2a84850b4841dedf69c1c9503e2ab78a998f1aa486d202f211dc328dfee6ca06d9ee439de2
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-12-12 13:25:05

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Shareware.de
FileVersion: 1.3.2.0
InternalName: in.exe
LegalCopyright: Copyright © 2012
OriginalFilename: in.exe
ProductName: Shareware.de
ProductVersion: 1.3.2.0
Assembly Version: 1.3.2.0

Malware.AI.1573126262 also known as:

MicroWorld-eScan: Gen:Variant.Cerbu.144535
FireEye: Gen:Variant.Cerbu.144535
ALYac: Gen:Variant.Cerbu.144535
Cylance: Unsafe
VIPRE: Gen:Variant.Cerbu.144535
K7AntiVirus: Adware ( 004bbc751 )
K7GW: Adware ( 004bbc751 )
Cyren: W32/MSIL_Agent.DMT.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/DownloadGuide.A potentially unwanted
BitDefender: Gen:Variant.Cerbu.144535
Avast: Win32:MiscX-gen [PUP]
Rising: PUA.DownloadGuide!8.1C2 (C64:YzY0Ogx9pK7oPROIqg)
Ad-Aware: Gen:Variant.Cerbu.144535
McAfee-GW-Edition: RDN/Generic Downloader.x
SentinelOne: Static AI – Suspicious PE
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Cerbu.144535 (B)
GData: Gen:Variant.Cerbu.144535
Antiy-AVL: Trojan/Generic.ASMalwS.720E
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Malware/Win.Downloader.C5130495
McAfee: RDN/Generic Downloader.x
Malwarebytes: Malware.AI.1573126262
APEX: Malicious
Yandex: Riskware.Agent!gOAd2+d8fRE
MAX: malware (ai score=80)
MaxSecure: Trojan.Malware.184960770.susgen
AVG: Win32:MiscX-gen [PUP]

How to remove Malware.AI.1573126262?

Malware.AI.1573126262 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.