About “Malware.AI.1669119082” infection

Malware.AI.1669119082 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1669119082 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.1669119082?

File Info:

name: 7D0214E95957CE67E04D.mlw
path: /opt/CAPEv2/storage/binaries/7ec03364d969e86bbeb141860ad0e89d89d0a5fa63e2f6afb40e62667cfd96c7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-04-24 12:59:59

Version Info:

FileVersion: 24.4.20.22
Comments: SolidShare.Net Unattended Installer
FileDescription: SolidShare.Net Unattended Installer
ProductVersion: 24.04.20.22
LegalCopyright: © 2022 By KiNGHaZe
CompanyName: SolidShare TEAM
ProductName: StartIsBack AIO
Translation: 0x0409 0x04b0

Malware.AI.1669119082 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Nymeria.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: AIT:Trojan.Nymeria.4235
FireEye: Generic.mg.7d0214e95957ce67
ALYac: AIT:Trojan.Nymeria.4235
Cylance: Unsafe
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce41 )
K7GW: Trojan ( 004bcce41 )
CrowdStrike: win/malicious_confidence_70% (D)
Cyren: W32/Shasholi.A.gen!Eldorado
ESET-NOD32: a variant of Win32/HackTool.Silentall.N potentially unsafe
APEX: Malicious
BitDefender: AIT:Trojan.Nymeria.4235
Avast: Win32:dUmPeX [Susp]
Emsisoft: AIT:Trojan.Nymeria.4235 (B)
Comodo: Packed.Win32.MUPX.Gen@24tbus
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.th
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan-Spy.Agent
GData: AIT:Trojan.Nymeria.4235
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=80)
Arcabit: AIT:Trojan.Nymeria.D108B
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Stimilina.R369824
Malwarebytes: Malware.AI.1669119082
AVG: Win32:dUmPeX [Susp]
Cybereason: malicious.95957c

How to remove Malware.AI.1669119082?

Malware.AI.1669119082 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
