
How to remove “Malware.AI.1614964981”?


Malware.AI.1614964981 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1614964981 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Harvests cookies for information gathering

How to identify Malware.AI.1614964981?

File Info:

name: 45F9EF648F48E66E8736.mlw
path: /opt/CAPEv2/storage/binaries/16462e840e921e3395282590244f6b6cc6a219989104153c26a8b95bada0960f
crc32: 72700978
md5: 45f9ef648f48e66e873647ab047d7fd8
sha1: bac3fd06f0ea102ab17ee510c9ac9b661f95e0fa
sha256: 16462e840e921e3395282590244f6b6cc6a219989104153c26a8b95bada0960f
sha512: 91af48c172c606008cf3679bbbea341e85b47a7aba2e6efe821b9aff497af0c9c8c1263a777aa623f6274bebe7fae172d892e0fde449cc06b224d590f0a78f4c
ssdeep: 12288:X7mXeMiFnh2FKOW5xEC3mRPLdLfeegMLAy56EF/cUrFquh2VAdzHlxBEIHJ:X75Fnh2FDceC3mtZWa8y9cUly+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100E423CBEC5C91D7DACB26B8DBE0DE68B77B69D0914265C7F19CD32DA208D42263604C
sha3_384: 5bb3415dea9a7d3b1aa9f424e77dcdbc682d7ed9becec4a387dbc03b6d3ada17971bebd906d463dbdad917ef41985b2a
ep_bytes: 60be00504a008dbe00c0f5ffc787ff13
timestamp: 2007-04-08 04:49:59

Version Info:

CompanyName: Opera Software
FileDescription: Opera Internet Browser
FileVersion: 1190
InternalName: Opera
LegalCopyright: Copyright © Opera Software 1995-2011
OriginalFilename: Opera.exe
ProductName: Opera Internet Browser
ProductVersion: 11.01
Translation: 0x0409 0x04b0

Malware.AI.1614964981 also known as:

Cynet: Malicious (score: 100)
FireEye: Generic.mg.45f9ef648f48e66e
McAfee: PWS-Zbot.gen.ia
Malwarebytes: Malware.AI.1614964981
VIPRE: Gen:Variant.Lazy.227609
K7AntiVirus: Trojan ( 000170c01 )
K7GW: Trojan ( 000170c01 )
Cybereason: malicious.48f48e
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Kelihos.B
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Lazy.227609
MicroWorld-eScan: Gen:Variant.Lazy.227609
Avast: Win32:Kelihos [Trj]
Tencent: Malware.Win32.Gencirc.1202788d
Ad-Aware: Gen:Variant.Lazy.227609
Emsisoft: Gen:Variant.Lazy.227609 (B)
DrWeb: Trojan.Spambot.10098
Zillya: Trojan.Kelihos.Win32.653
McAfee-GW-Edition: PWS-Zbot.gen.ia
Trapmine: malicious.moderate.ml.score
Sophos: Mal/EncPk-LT
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Lazy.227609
Jiangmin: TrojanDownloader.FraudLoad.akmc
Avira: BDS/Kelihos.wdond
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Arcabit: Trojan.Lazy.D37919
Microsoft: Trojan:Win32/Bulta!rfn
Google: Detected
ALYac: Gen:Variant.Lazy.227609
VBA32: Trojan.ExpProc.014
Cylance: Unsafe
Rising: Trojan.Kelihos!8.C68 (TFE:5:1KUhzzzYPvC)
Yandex: Trojan.DL.Fraudload!/emwreKjv6c
Ikarus: Trojan-Downloader.Win32.FraudLoad
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Yakes.S!tr
BitDefenderTheta: Gen:NN.ZexaF.34646.PmMfamKOIvaO
AVG: Win32:Kelihos [Trj]
Panda: Generic Suspicious

How to remove Malware.AI.1614964981?

Malware.AI.1614964981 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
