
Malware.AI.1755406477 removal guide


Malware.AI.1755406477 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1755406477 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1755406477?

File Info:

name: C8DC4791EF9B12812678.mlw
path: /opt/CAPEv2/storage/binaries/788d39713f93129b92faa4cdb717b9130e16bbbc573dfe3815473654682faaf0
crc32: DA5B57F0
md5: c8dc4791ef9b12812678d9864bf83477
sha1: e09654da2263dc783cbfe1b06e38d00d4012c409
sha256: 788d39713f93129b92faa4cdb717b9130e16bbbc573dfe3815473654682faaf0
sha512: c61cd49e4cdb8dc7e23ce490be4cb9e10e3684d3acb67102856a06f2e3e374da7286fd3d0e4acf1b0532e9ed36c19479eb5bac094c19d3e1ea53202166fcf25f
ssdeep: 12288:snyExLKhWTRW8fdeCO/9R2vO15sY51SxR9Zo4+kC:myEdKwTRW8fdeCO/9Kw+2gxR9po
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T131D4D001FB81D1B3E89101324E69A32DC4BDB5724F619BD3E7D86F0DAE704E1A531B9A
sha3_384: 8a005b4fbfa32b6daaa2d67743d8ca228dd54292ee0eefbc0c10a19992f68272a1177d1f9f9ed2cdde3bfc3aecd70abe
ep_bytes: e85e770000e991feffffccff25f0a343
timestamp: 2016-10-28 13:20:08

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: LogTransport Application
FileVersion: 7.1.1.3403
InternalName: LogTransport2
LegalCopyright: Copyright 2008-15 Adobe Systems Incorporated. All rights reserved.
OriginalFilename: LogTransport2.exe
PrivateBuild: 7.1.1.3403
ProductName: LogTransport Application
ProductVersion: 7.1.1.3403
Translation: 0x0409 0x04b0

Note that the version resource claims the file is Adobe's LogTransport2.exe, but the Authenticode signature is invalid (see the behaviours above) and several vendors flag it as a patched binary, so these fields are not proof of origin.

Malware.AI.1755406477 also known as:

Bkav: W32.AIDetectMalware
DrWeb: Win32.Beetle.2
MicroWorld-eScan: Gen:Variant.Zusy.486769
FireEye: Gen:Variant.Zusy.486769
ALYac: Gen:Variant.Zusy.486769
Malwarebytes: Malware.AI.1755406477
VIPRE: Gen:Variant.Zusy.486769
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
BitDefender: Gen:Variant.Zusy.486769
K7GW: Trojan ( 005ab4bf1 )
CrowdStrike: win/malicious_confidence_70% (D)
Arcabit: Trojan.Zusy.D76D71
BitDefenderTheta: Gen:NN.ZexaF.36738.Lu0@aK4gfSji
Cyren: W32/S-8f542844!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Patched.NKM
APEX: Malicious
Kaspersky: HEUR:Trojan-Ransom.Win32.Gen.pef
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Tencent: Malware.Win32.Gencirc.10bf1f88
McAfee-GW-Edition: BehavesLike.Win32.Chir.hc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Zusy.486769 (B)
Ikarus: Trojan.Win32.Patched
Jiangmin: Trojan.Gen.byo
Antiy-AVL: Trojan/Win32.Patched
Microsoft: Trojan:Win32/Convagent.AJ!MTB
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Gen.pef
GData: Win32.Trojan.PSE.12AP69G
Google: Detected
AhnLab-V3: Malware/Win.Generic.R603661
McAfee: RDN/Ransom
MAX: malware (ai score=80)
DeepInstinct: MALICIOUS
VBA32: BScope.Trojan.Meterpreter
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@AI.100 (RDML:kvWTivWOBjYZnmwZm6QwnQ)
Fortinet: W32/Patched.IP!tr
AVG: Win32:Evo-gen [Trj]
Avast: Win32:Evo-gen [Trj]

How to remove Malware.AI.1755406477?

Malware.AI.1755406477 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
