Malware.AI.1751329780 malicious file

Malware.AI.1751329780 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1751329780 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

Related domains:

wpad.local-net

How to identify Malware.AI.1751329780?


File Info:

name: 672F7409469F9E8F17D6.mlw
path: /opt/CAPEv2/storage/binaries/336eee1367749ea9d233f44e7721bacbc6d3051bed3fd5415229384d92d5ff95
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2021-11-21 20:23:32

Version Info:

0: [No Data]

Malware.AI.1751329780 also known as:

Lionic: Trojan.Win32.Agent.4!c
DrWeb: Trojan.Siggen15.50253
MicroWorld-eScan: Gen:Variant.Tedy.43838
CAT-QuickHeal: Trojan.Agent
ALYac: Gen:Variant.Tedy.43838
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Symantec: Trojan.Gen.2
TrendMicro-HouseCall: TROJ_GEN.R002C0WKP21
Kaspersky: Trojan.Win32.Agent.xakwkx
BitDefender: Gen:Variant.Tedy.43838
Avast: Win64:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Agent.Wncx
Ad-Aware: Gen:Variant.Tedy.43838
Emsisoft: Gen:Variant.Tedy.43838 (B)
Zillya: Trojan.Agent.Win32.2567947
TrendMicro: TROJ_GEN.R002C0WKP21
McAfee-GW-Edition: BehavesLike.Win64.JuicyPotato.th
FireEye: Gen:Variant.Tedy.43838
Sophos: Mal/Generic-S
GData: Gen:Variant.Tedy.43838
Jiangmin: Trojan.Agent.drxf
Avira: TR/Agent.ntrkp
Gridinsoft: Ransom.Win64.Sabsik.sa
Arcabit: Trojan.Tedy.DAB3E
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4786439
McAfee: Artemis!672F7409469F
MAX: malware (ai score=86)
VBA32: Trojan.Agent
Malwarebytes: Malware.AI.1751329780
APEX: Malicious
Fortinet: W32/PossibleThreat
AVG: Win64:TrojanX-gen [Trj]
Cybereason: malicious.1349c1
Panda: Trj/CI.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.1751329780?

Malware.AI.1751329780 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
