
Malware.AI.1620616399 information


Malware.AI.1620616399 is the detection name Malwarebytes assigns to this sample; as the vendor list below shows, most engines flag the same file as malicious, typically as a trojan downloader (TinyLoader and Fugrafa are the family names that recur). When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan the computer with GridinSoft Anti-Malware.


Removing malware manually can take hours and may damage the PC in the process. We recommend GridinSoft Anti-Malware for removal; the trial version allows a full scan and clean-up of the PC.
6-day free trial available.

What can Malware.AI.1620616399 do?

  • Behavioural detection: Executable code extraction – unpacking
  • Executed a command line with the /C or /R argument, which terminates the command shell on completion and can be used to hide execution
  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Uses Windows utilities to enumerate running processes
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Uses suspicious command line tools or Windows utilities
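The lines above are the names of sandbox behaviour signatures: they tell you what the sample's process tree did, not how the rule that fired is written. The following is an added example, not code from this page or from the sandbox that produced the list. It walks constructed process-creation events (PID, parent PID, image path, command line), restricts itself to the sample's own process tree so unrelated activity on the machine is not attributed to it, and maps four of the listed behaviours onto explicit rules. The `ProcEvent` record, the event data and the rule logic are assumptions for illustration; in particular "Drops a binary and executes it" is approximated as "an executable under a Temp directory started by a non-Windows parent", because process events alone do not show the file write.

```python
"""Map process-creation events onto the behaviour names listed above.
Added example with constructed events; the rule logic is an approximation,
not the sandbox's own signatures."""
import re
from dataclasses import dataclass


@dataclass
class ProcEvent:
    pid: int
    ppid: int
    image: str     # full path of the newly created process
    cmdline: str   # its command line


# Constructed events resembling a downloader's first minute; not real sandbox output.
EVENTS = [
    ProcEvent(1000, 400, r"C:\Users\user\Desktop\BE9365524AAE756EDB5F.exe",
              r'"C:\Users\user\Desktop\BE9365524AAE756EDB5F.exe"'),
    ProcEvent(1010, 1000, r"C:\Windows\System32\cmd.exe", r"cmd.exe /C tasklist /FO CSV"),
    ProcEvent(1011, 1010, r"C:\Windows\System32\tasklist.exe", r"tasklist /FO CSV"),
    ProcEvent(1020, 1000, r"C:\Users\user\AppData\Local\Temp\svc.exe",
              r'"C:\Users\user\AppData\Local\Temp\svc.exe"'),
    ProcEvent(1030, 1020, r"C:\Windows\System32\reg.exe",
              r'reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" '
              r"/v ProxyEnable /t REG_DWORD /d 1 /f"),
    ProcEvent(2000, 400, r"C:\Windows\System32\notepad.exe", r"notepad.exe report.txt"),  # unrelated
]

TEMP_DIRS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")
PROC_ENUM_TOOLS = {"tasklist.exe", "wmic.exe", "qprocess.exe"}


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def rule_cmd_terminate(ev: ProcEvent):
    # cmd.exe /C or /R runs the command and exits, leaving no shell window behind.
    if basename(ev.image) == "cmd.exe" and re.search(r"(?i)(^|\s)/[cr](\s|$)", ev.cmdline):
        return "Executed a command line with /C or /R argument"
    return None


def rule_proc_enum(ev: ProcEvent):
    if basename(ev.image) in PROC_ENUM_TOOLS:
        return "Uses Windows utilities to enumerate running processes"
    return None


def rule_proxy(ev: ProcEvent):
    # reg.exe writing ProxyEnable/ProxyServer/ProxyOverride under Internet Settings.
    if basename(ev.image) == "reg.exe" and re.search(
            r"(?i)internet settings.*\bproxy(enable|server|override)\b", ev.cmdline):
        return "Attempts to modify proxy settings"
    return None


def rule_dropped_exec(ev: ProcEvent, by_pid: dict):
    # Approximation: an executable under a Temp directory started by a non-Windows parent.
    parent = by_pid.get(ev.ppid)
    if parent and any(d in ev.image.lower() for d in TEMP_DIRS) \
            and not parent.image.lower().startswith("c:\\windows\\"):
        return "Drops a binary and executes it"
    return None


def descendants(events, root_pid: int) -> set:
    """PIDs in the sample's process tree (root included)."""
    children = {}
    for ev in events:
        children.setdefault(ev.ppid, []).append(ev.pid)
    seen, stack = {root_pid}, [root_pid]
    while stack:
        for c in children.get(stack.pop(), []):
            if c not in seen:
                seen.add(c)
                stack.append(c)
    return seen


def analyze(events, root_pid: int) -> dict:
    """Return {behaviour name: [pids]} for events inside the sample's tree only."""
    by_pid = {ev.pid: ev for ev in events}
    tree = descendants(events, root_pid)
    hits = {}
    for ev in events:
        if ev.pid not in tree:
            continue
        for sig in (rule_cmd_terminate(ev), rule_proc_enum(ev),
                    rule_proxy(ev), rule_dropped_exec(ev, by_pid)):
            if sig:
                hits.setdefault(sig, []).append(ev.pid)
    return hits


if __name__ == "__main__":
    for sig, pids in analyze(EVENTS, 1000).items():
        print(f"{sig}: pids {pids}")
```

The tree walk is the part that matters in practice: the same rules run over every process on the box would fire on an administrator's own `tasklist`, so a sandbox only credits the sample with what its descendants do.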

How to determine Malware.AI.1620616399?

The identifiers below were recorded by a CAPEv2 sandbox (see the storage path, which indexes the sample by its sha256). Any of the hashes is enough to confirm that a file on disk is this sample.

File Info:

name: BE9365524AAE756EDB5F.mlw
path: /opt/CAPEv2/storage/binaries/1b50af4ff0b300c680829f7b394a1db9126659a00f2088d0cd831970e31792a9
crc32: 39C2608D
md5: be9365524aae756edb5f811b9da567aa
sha1: 8571147d8f5f4f0f96a45cec47ae7de1dba3a946
sha256: 1b50af4ff0b300c680829f7b394a1db9126659a00f2088d0cd831970e31792a9
sha512: 79fbbabda87129d9f4915dadae49998e481b67051c464d5f2a16ba2eda4294267ecffa76d2cda1b59d2af2223ccac652c184cbeee0e1755d8f78eb01c018156e
ssdeep: 1536:Sglp6hk8t1wEuWLHWac+HOa2Ix8N6x9kDiMcEMKgkaJ98rF1YBvM9:zD6u8tTuWLHWalHOa2IeIx9kDiMcEvga
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BE936D13B1D18872E1B21ABE6C46A3259A3BFDF22D24161B77DC0D0D4E7D2C1686C39B
sha3_384: 388970a19b9310e8aa5d7003a8fc9ff881b915aa9546513ce6612f4040d6cb7ce459c362926b2a3344403e99bf33314f
ep_bytes: 558becb9060000006a006a004975f953
timestamp: 1992-06-19 22:22:17 (this is the fixed TimeDateStamp 0x2A425E19 that Delphi compilers write into every executable, so it says nothing about when the sample was actually built)
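The File Info block is the sample's static fingerprint. The script below is an added example, not code from this page or from the sandbox; it shows the checks a practitioner runs on a suspicious PE to reproduce these fields with the standard library alone: the hash set (md5 through sha3_384), the COFF timestamp, the first sixteen entry-point bytes and the section names, plus a few anomaly flags derived from them. The PE it parses is constructed in memory (it is not the real file, so its hashes will not match the ones above); the `COMMON_SECTIONS` set and the flag names are assumptions for the example. It also compares the computed sha256 to the value the page lists, which is how you confirm a file on disk is this sample.

```python
"""Static triage of a PE32: hashes, compile timestamp, entry-point bytes,
section names.  Added example; the PE it parses is constructed below."""
import hashlib
import struct
from datetime import datetime, timezone

# sha256 of the sample as listed on the page, used only for comparison.
PAGE_SHA256 = "1b50af4ff0b300c680829f7b394a1db9126659a00f2088d0cd831970e31792a9"
# Fixed TimeDateStamp written by Delphi compilers (1992-06-19 22:22:17 UTC).
DELPHI_TIMESTAMP = 0x2A425E19
# Section names a normal linker (including Delphi's CODE/DATA/BSS) emits; assumption.
COMMON_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                   ".reloc", ".bss", ".tls", "CODE", "DATA", "BSS"}


def file_hashes(data: bytes) -> dict:
    """The same hash set the File Info block shows."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512", "sha3_384")}


def parse_pe(data: bytes) -> dict:
    """Read the DOS/COFF/optional headers and the section table with struct only."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4
    machine, nsec, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]            # 0x10B = PE32, 0x20B = PE32+
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint
    sections = []
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "vaddr": vaddr, "vsize": vsize, "rawptr": rawptr, "rawsize": rawsize})
    # Translate the entry-point RVA to a file offset via the section that contains it.
    ep_bytes = b""
    for s in sections:
        if s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            ep_bytes = data[s["rawptr"] + (entry_rva - s["vaddr"]):][:16]
            break
    return {"machine": machine, "pe32plus": magic == 0x20B, "timestamp": timestamp,
            "timestamp_utc": datetime.fromtimestamp(timestamp, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
            "entry_rva": entry_rva, "ep_bytes": ep_bytes.hex(), "sections": sections}


def triage(data: bytes) -> dict:
    """Combine hashes, header facts and a few anomaly flags into one record."""
    info = parse_pe(data)
    flags = []
    if info["timestamp"] == DELPHI_TIMESTAMP:
        flags.append("delphi-fixed-timestamp")        # not the real build date
    elif info["timestamp"] > int(datetime.now(timezone.utc).timestamp()):
        flags.append("timestamp-in-future")
    odd = [s["name"] for s in info["sections"] if s["name"] not in COMMON_SECTIONS]
    if odd:
        flags.append("unknown-section-names:" + ",".join(odd))   # packer hint
    # The page's ep_bytes decode to: push ebp; mov ebp,esp; mov ecx,6; ... (Delphi prologue)
    if info["ep_bytes"].startswith("558becb906000000"):
        flags.append("delphi-style-entry")
    hashes = file_hashes(data)
    return {"hashes": hashes, "pe": info, "flags": flags,
            "matches_page_sample": hashes["sha256"] == PAGE_SHA256}


def build_sample_pe() -> bytes:
    """Constructed minimal PE32 (not the real sample): Delphi timestamp, one
    packer-style section name and the entry bytes the page lists."""
    ep = bytes.fromhex("558becb9060000006a006a004975f953")
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                      # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, DELPHI_TIMESTAMP, 0, 0, 224, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, 0x1000) + b"\0" * (224 - 20)
    sec = struct.Struct("<8sIIIIIIHHI")
    s1 = sec.pack(b"CODE", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    s2 = sec.pack(b".xyz", 0x100, 0x2000, 0x100, 0x400, 0, 0, 0, 0, 0xC0000040)
    headers = (dos + coff + opt + s1 + s2).ljust(0x200, b"\0")
    return headers + ep.ljust(0x200, b"\0") + bytes(range(256))


if __name__ == "__main__":
    import json
    print(json.dumps(triage(build_sample_pe()), indent=2))
```

Run it against a real file by replacing `build_sample_pe()` with the file's bytes; the `matches_page_sample` field is then the hash check, and the flags are the same hints the behaviour list phrases as "unknown PE section name indicative of packing".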

Version Info:

0: [No Data]

Malware.AI.1620616399 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.TinyLoader.a!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.153777
ClamAV: Win.Trojan.MrWhite-5538685-0
FireEye: Generic.mg.be9365524aae756e
Skyhigh: BehavesLike.Win32.Fareit.nh
ALYac: Gen:Variant.Fugrafa.153777
Cylance: unsafe
VIPRE: Gen:Variant.Fugrafa.153777
Sangfor: Downloader.Win32.Tinyloader.V6rw
K7AntiVirus: Trojan ( 0050236e1 )
Alibaba: TrojanDownloader:Win64/TinyLoader.41596090
K7GW: Trojan ( 0050236e1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZelphiF.36744.fGW@aKEn50k
Symantec: Trojan.Dropper
ESET-NOD32: a variant of Generik.KEMQWSF
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Downloader.Win64.TinyLoader.dw
BitDefender: Gen:Variant.Fugrafa.153777
NANO-Antivirus: Trojan.Win32.XDR.ejlbvq
Avast: Win32:Malware-gen
Tencent: Win64.Trojan-Downloader.Tinyloader.Wmhl
Emsisoft: Gen:Variant.Fugrafa.153777 (B)
F-Secure: Trojan.TR/Crypt.XDR.Gen
Zillya: Trojan.Generic.Win32.420
TrendMicro: TROJ_SMALL.WRST
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Small
GData: Gen:Variant.Fugrafa.153777
Webroot: W32.Trojan.GenKD
Avira: TR/Crypt.XDR.Gen
Antiy-AVL: Trojan[Downloader]/Win64.TinyLoader
Kingsoft: malware.kb.a.992
Arcabit: Trojan.Fugrafa.D258B1
ZoneAlarm: Trojan-Downloader.Win64.TinyLoader.dw
Google: Detected
McAfee: Artemis!BE9365524AAE
MAX: malware (ai score=99)
VBA32: BScope.TrojanDownloader.Win64.TinyLoader
Malwarebytes: Malware.AI.1620616399
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_SMALL.WRST
Rising: Downloader.Tinyloader!8.D74 (TFE:5:WsxXcxcP4cP)
Yandex: Trojan.Agent!nmTgfSPu1Fc
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/SMALL.KEMQWSF!tr
AVG: Win32:Malware-gen
Cybereason: malicious.d8f5f4
DeepInstinct: MALICIOUS

How to remove Malware.AI.1620616399?

Malware.AI.1620616399 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
