How to remove “Malware.AI.1736121529”?

Malware.AI.1736121529 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1736121529 virus do?

  • Unconventional language used in binary resources: Finnish
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1736121529?

File Info:

name: 4794DDE79CBD45700139.mlw
path: /opt/CAPEv2/storage/binaries/83af47cfcd1edaa72b6c674bf527c043090f436fc30b42874d80de42cee99877
crc32: 80B36E46
md5: 4794dde79cbd45700139de5f82546897
sha1: 28b518ffaf5e7081fbc70668bb95a0327b433684
sha256: 83af47cfcd1edaa72b6c674bf527c043090f436fc30b42874d80de42cee99877
sha512: 894ac4de2a65b3c292cff78b52279f4231fbc9b1248ded9a60d45f600eec5c84b11c90b203cf00badc6492dcb0cc8eaa82171f4ae9a6406860429065971db0e5
ssdeep: 1536:wWi+UI86ojQSRCSuZEe2lOT4FcvivVAxQvkY:wWi+pVojQP5iKivVAxQvkY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A8A36C11BAD0C072D0B219750966DBE15A3EF9322F35D9CBB7480A6D1E20BD2DA3B357
sha3_384: 6c8b7a5ea6eec13086444033c3f9d0d7243fc61fe4c446cd09234afd4180ad67ebb1f43ea268f6a6e1f57e78e310cdd3
ep_bytes: 558bec81ec78090000e8e20c00008985
timestamp: 1970-01-01 15:50:05

Version Info:

FileDescription: Nokia PCSW Process Controller
FileVersion: 1, 0, 0, 9
InternalName: PCSWPC.exe
LegalCopyright: Copyright (C) 2009 Nokia. All Rights Reserved.
LegalTrademarks: Copyright (C) 2009 Nokia. All Rights Reserved.
OriginalFilename: PCSWPC.exe
ProductName: Nokia PCSW Process Controller
ProductVersion: 1, 0, 0, 0
Translation: 0x0800 0x04b0

Malware.AI.1736121529 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Patched.trN0
tehtris: Generic.Malware
DrWeb: Trojan.DownLoader33.36265
MicroWorld-eScan: Gen:Heur.Mint.Zard.39
FireEye: Generic.mg.4794dde79cbd4570
Skyhigh: BehavesLike.Win32.Virut.nh
McAfee: GenericRXIT-BC!4794DDE79CBD
Cylance: unsafe
VIPRE: Gen:Heur.Mint.Zard.39
Sangfor: Downloader.Win32.Agent.Vo5v
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Heur.Mint.Zard.39
K7GW: Virus ( 0055485e1 )
K7AntiVirus: Virus ( 0055485e1 )
Arcabit: Trojan.Mint.Zard.39
BitDefenderTheta: Gen:NN.ZexaF.36792.gy0@a8snPdiO
VirIT: Win32.Nov15th.A
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.Agent.EQH
APEX: Malicious
Kaspersky: Trojan.Win32.Patched.rw
NANO-Antivirus: Virus.Win32.Gen.ccmw
Rising: Worm.Phorpiex!1.BB1C (CLASSIC)
Sophos: Mal/Generic-S
F-Secure: Malware.W32/Infector.Gen
TrendMicro: TrojanSpy.Win32.FICKERSTEALER.SMTHA.hp
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Heur.Mint.Zard.39 (B)
SentinelOne: Static AI – Suspicious PE
MAX: malware (ai score=89)
Jiangmin: TrojanDownloader.Generic.bdzi
Google: Detected
Avira: W32/Infector.Gen
Varist: W32/ZeroDloader.A.gen!Eldorado
Kingsoft: malware.kb.a.997
Microsoft: TrojanDownloader:Win32/SmallAgent!atmn
ZoneAlarm: Trojan.Win32.Patched.rw
GData: Win32.Trojan.PSE.16VTW2Z
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R282625
VBA32: BScope.TrojanBanker.CliptoShuffler
ALYac: Gen:Heur.Mint.Zard.39
TACHYON: Worm/W32.ZeroDownloader
DeepInstinct: MALICIOUS
Malwarebytes: Malware.AI.1736121529
Panda: Trj/Chgt.AC
Zoner: Probably Heur.ExeHeaderL
TrendMicro-HouseCall: TrojanSpy.Win32.FICKERSTEALER.SMTHA.hp
Ikarus: Virus-Downloader.Win32.Agent
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Agent.EQH!tr
AVG: Win32:DeadZero [Inf]
Avast: Win32:DeadZero [Inf]

How to remove Malware.AI.1736121529?

Malware.AI.1736121529 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.