Malware.AI.1644150115 (file analysis)

Malware Removal

Malware.AI.1644150115 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware
Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1644150115 virus do?

  • Sample contains overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.1644150115?

File Info:

name: D089B55B3098817E4591.mlw
path: /opt/CAPEv2/storage/binaries/5842f2a509cf64e526a0475ce4fa850076c4dfe177fa1294b38eeec7e5084dbf
crc32: 465699D3
md5: d089b55b3098817e4591128086cbf26f
sha1: 0b7b3234663a195c3f3d7e428d9333f2239f7467
sha256: 5842f2a509cf64e526a0475ce4fa850076c4dfe177fa1294b38eeec7e5084dbf
sha512: 0fca9edb0cf376d8fe7270be84f004b62668bc437a1a0fba1056218d02c7909af1293c7d6c78e65ffe5c1d73d939bcbc671d1ea415a2e2854db7e211ba23a165
ssdeep: 49152:uSV8wEMqUNjLnsaEZ7TkxPcSlFkrPQQJCfJVQ8:uS6z8jl0QOQWP/JeX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EB9512F0AF09F600C76D6BB9F558DA9EB1C1D913C2386166DBAA751910FEEDF8060270
sha3_384: a31f79c6fd6bfe7b4f1a1b5eb77e3d154c468b8def6e6ebcc13ef89ecf403dc6a64e0d03498ba9f94ca98d763261b108
ep_bytes: 60be008049008dbe0090f6ff57eb0b90
timestamp: 2010-04-16 07:47:33

Version Info:

FileDescription:
FileVersion: 6,6,3,2
CompiledScript: AutoIt v3 Script: 6,6,3,2
Translation: 0x0809 0x04b0

Malware.AI.1644150115 is also known as (vendor: detection name):

Lionic: Heuristic.File.Generic.00×1!p
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.GenericKD.35566532
FireEye: Generic.mg.d089b55b3098817e
ALYac: Trojan.GenericKD.35566532
Cylance: Unsafe
VIPRE: Trojan.GenericKD.35566532
Sangfor: Trojan.Win32.Wacatac.B
Alibaba: Trojan:Win32/Buzus.f43e67c3
Cybereason: malicious.b30988
tehtris: Generic.Malware
APEX: Malicious
ClamAV: Win.Dropper.NetWire-9445311-0
BitDefender: Trojan.GenericKD.35566532
Avast: Win32:AutoIt-AIV [Wrm]
Ad-Aware: Trojan.GenericKD.35566532
Emsisoft: Trojan.GenericKD.35566532 (B)
Comodo: Malware@#2ckh8k6wp151w
Zillya: Trojan.Chifrax.Win32.1772
McAfee-GW-Edition: BehavesLike.Win32.Injector.tc
GData: Trojan.GenericKD.35566532
Jiangmin: Trojan/Generic.uqyr
Google: Detected
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!D089B55B3098
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.1644150115
Ikarus: Trojan.Win32.Buzus
AVG: Win32:AutoIt-AIV [Wrm]
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.1644150115?

Malware.AI.1644150115 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.