
How to remove “Malware.AI.1715045710”?


Many security experts consider Malware.AI.1715045710 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1715045710 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Malware.AI.1715045710?


File Info:

name: 655EF4FF8EA8397CB01C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2055-11-24 21:10:49

Version Info:

Translation: 0x0000 0x04b0
Comments: Kernel Transaction Management Utility
CompanyName: Microsoft Corporation
FileDescription: Kernel Transaction Management Utility
FileVersion: 10.0.14393.0
InternalName: Hehtcbz.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: Hehtcbz.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.14393.0
Assembly Version: 10.0.14393.0

Malware.AI.1715045710 also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.655ef4ff8ea8397c
Cylance: Unsafe
Symantec: MSIL.Downloader!gen7
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.KHA
APEX: Malicious
Sophos: Generic ML PUA (PUA)
MaxSecure: Trojan.Malware.300983.susgen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZemsilF.34182.dm0@aCarGXb
Malwarebytes: Malware.AI.1715045710
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Agent.KGB!tr.dldr
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.1715045710?

Malware.AI.1715045710 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
