Malware.AI.1761788428 removal guide

Malware.AI.1761788428 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1761788428 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk

How to identify Malware.AI.1761788428?

File Info:

name: C6CE41F05837B4C03923.mlw
path: /opt/CAPEv2/storage/binaries/b09f366396d5f12b3860d5a88b0606b1e8c18c05316f884f5b33d910b3a9a9f0
crc32: 10C68125
md5: c6ce41f05837b4c0392388d12cbca19b
sha1: 10f83b350b269fc660f0b602b0b61374b21cb1cf
sha256: b09f366396d5f12b3860d5a88b0606b1e8c18c05316f884f5b33d910b3a9a9f0
sha512: e1a045568c456d9f26fa5eb3ca02c493d10930d166724891474e74f6a13ee8295d35eb0d0a3d5fdd45f6ea48027af886db786a46c03cf7128e8d33c57c268878
ssdeep: 24576:s7FUDowAyrTVE3U5F/qpqKnZdLKic6QL3E2vVsjECUAQT45deRV9Rm:sBuZrEUc5ZVKIy029s4C1eH9Q
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E485CF3FF268A13EC56A1B3245738310997BBA61B81A8C1E47FC384DCF765601E3B656
sha3_384: 205c531f3bc89bd7be139dc501332c49cbd9210c852b7238f912b5523acc200224a8101fcbc553fa8a13dbddd856cf63
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2023-02-15 14:54:16

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: PlayerFab v7.0.2.8 (x64) + Fix [NEW] Setup
FileVersion: 5.0.0.0
LegalCopyright: PlayerFab v7.0.2.8 (x64) + Fix [NEW]
OriginalFileName:
ProductName: PlayerFab v7.0.2.8 (x64) + Fix [NEW]
ProductVersion: 5.0
Translation: 0x0000 0x04b0

Malware.AI.1761788428 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.OffLoader.4!c
MicroWorld-eScan: Generic.Adware.Campaignz.B.54EDEF49
FireEye: Generic.Adware.Campaignz.B.54EDEF49
McAfee: Artemis!C6CE41F05837
Malwarebytes: Malware.AI.1761788428
Sangfor: Downloader.Win32.Agent.Vcc4
K7AntiVirus: Trojan-Downloader ( 005a40d51 )
Alibaba: TrojanDownloader:Win32/OffLoader.67f7c618
K7GW: Trojan-Downloader ( 005a40d51 )
Arcabit: Generic.Adware.Campaignz.B.54EDEF49
Cyren: W32/OffLoader.A.gen!Eldorado
Symantec: PUA.Gen.2
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.GXZ
Kaspersky: HEUR:Trojan-Downloader.Win32.OffLoader.gen
BitDefender: Generic.Adware.Campaignz.B.54EDEF49
Avast: FileRepMalware [Misc]
Tencent: Win32.Trojan-Downloader.Oader.Yolw
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dldr.Agent.vacka
DrWeb: Trojan.PWS.Stealer.30446
VIPRE: Generic.Adware.Campaignz.B.54EDEF49
McAfee-GW-Edition: BehavesLike.Win32.Trojan.tc
Emsisoft: Generic.Adware.Campaignz.B.54EDEF49 (B)
Google: Detected
Avira: TR/Dldr.Agent.vacka
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: HEUR:Trojan-Downloader.Win32.OffLoader.gen
GData: Generic.Adware.Campaignz.B.54EDEF49
Cynet: Malicious (score: 100)
ALYac: Generic.Adware.Campaignz.B.54EDEF49
MAX: malware (ai score=86)
Cylance: unsafe
Ikarus: Trojan-Downloader.Win32.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Agent
AVG: FileRepMalware [Misc]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.1761788428?

Malware.AI.1761788428 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
