About “Malware.AI.1777576456” infection

Malware.AI.1777576456 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1777576456 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Sniffs keystrokes
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file

How to identify Malware.AI.1777576456?

File Info:

name: 6BB4040A0FD4A25A8696.mlw
path: /opt/CAPEv2/storage/binaries/e2a14900a324530256d8c34ce2500d55bc04a6c23923da915efa13609c090f23
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2004-02-15 21:27:58

Version Info:

0: [No Data]

Malware.AI.1777576456 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Win32.Sality.H
FireEye: Generic.mg.6bb4040a0fd4a25a
ALYac: Dropped:Win32.Sality.H
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Virus ( 0040f8141 )
K7GW: Virus ( 0040f8141 )
Cybereason: malicious.a0fd4a
Baidu: Win32.Trojan.Sality.m
Cyren: W32/Sality.OCXO-0174
Symantec: W32.Sality
tehtris: Generic.Malware
ESET-NOD32: Win32/Sality.X
APEX: Malicious
Kaspersky: Virus.Win32.Sality.x
BitDefender: Dropped:Win32.Sality.H
NANO-Antivirus: Virus.Win32.Sality.ryed
Avast: Win32:Sality-AV
Tencent: Virus.Win32.KuKu.tt
Ad-Aware: Dropped:Win32.Sality.H
Emsisoft: Dropped:Win32.Sality.H (B)
Comodo: Win32.Sality.X@d1pc
DrWeb: Win32.HLLP.Sector.28318
Zillya: Backdoor.PePatch.Win32.16205
TrendMicro: TROJ_SPNR.0BJC11
McAfee-GW-Edition: W32/Sality.i.gen
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Dropped:Win32.Sality.H
Avira: W32/Sality.g
MAX: malware (ai score=89)
ZoneAlarm: Virus.Win32.Sality.x
Microsoft: Trojan:Win32/Sabsik.FL.A!ml
Cynet: Malicious (score: 100)
McAfee: W32/Sality.i.gen
VBA32: Virus.Sality.16109
Malwarebytes: Malware.AI.1777576456
TrendMicro-HouseCall: TROJ_SPNR.0BJC11
Rising: Backdoor.Kuku!1.A155 (CLASSIC)
Yandex: Trojan.GenAsa!trUTzOkYLyE
Ikarus: Worm.Win32.Sality
MaxSecure: Virus.W32.Sality.X
Fortinet: W32/GenericKDZ.8439!tr
BitDefenderTheta: Gen:NN.ZexaF.34742.nmW@aez2j7fc
AVG: Win32:Sality-AV
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Malware.AI.1777576456?

Malware.AI.1777576456 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.