Malware.AI.1780928237 malicious file

Malware Removal

Malware.AI.1780928237 is flagged as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; it can run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1780928237 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Installs itself for autorun at Windows startup
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
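Two of the behaviours above leave traces that can be checked without the sandbox: the autorun entry ("Installs itself for autorun at Windows startup") and the Explorer change that keeps hidden files invisible. The script below is an added example, not GridinSoft's or CAPE's code. It parses a Regedit export (for instance `reg export HKCU\Software\Microsoft\Windows\CurrentVersion hkcu.reg` taken from the suspect host, or an export from a mounted hive) so it runs on any analysis machine. The export text inside it is constructed: the Run entry reuses the page's OriginalFilename for illustration, and its path and the other value names are made up. The Authenticode and injection findings in the list need a live host or the sandbox and are not covered here.

```python
"""Offline check for two sandbox behaviours listed above: autorun persistence
through a Run key and Explorer settings changed so hidden files stay hidden.

Added example, not GridinSoft's or CAPE's code. It parses a Regedit export
(e.g. `reg export HKCU\\Software\\Microsoft\\Windows\\CurrentVersion hkcu.reg`
taken from the suspect host) so it runs on any analysis box. The export text
below is constructed; the Run entry reuses the page's OriginalFilename for
illustration, and its path and the other value names are made up.
"""
import re

RUN_KEYS = {
    r"software\microsoft\windows\currentversion\run",
    r"software\microsoft\windows\currentversion\runonce",
}
ADVANCED_KEY = r"software\microsoft\windows\currentversion\explorer\advanced"

# Hidden=2 means "do not show hidden files"; ShowSuperHidden=0 hides protected
# operating-system files. Together they give the behaviour CAPE describes as
# "modify Explorer settings to prevent hidden files from being displayed".
HIDE_SETTINGS = {"Hidden": 2, "ShowSuperHidden": 0}

# Autorun commands launched from user-writable locations deserve a look: a
# dropped copy under AppData or Temp is the usual pattern behind "drops a
# binary and executes it" plus "installs itself for autorun".
USER_WRITABLE = re.compile(
    r"(\\users\\[^\\]+\\(appdata|downloads)\\|\\temp\\|%temp%|%appdata%)", re.I
)


def parse_reg_export(text: str) -> dict:
    """Return {key_path: {value_name: value}} from Regedit 5.00 export text."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
        elif current is not None and line.startswith('"') and "=" in line:
            name, _, value = line.partition("=")
            name = name.strip('"')
            if value.startswith('"'):                 # REG_SZ with \\ and \" escapes
                value = value[1:-1].replace("\\\\", "\\").replace('\\"', '"')
            elif value.lower().startswith("dword:"):  # REG_DWORD as 8 hex digits
                value = int(value[6:], 16)
            keys[current][name] = value
    return keys


def is_suspicious_command(cmd: str) -> bool:
    """True if the autorun command points into a user-writable location."""
    return bool(USER_WRITABLE.search(cmd))


def triage(text: str) -> list:
    """Return (category, name, value) findings for Run keys and Explorer settings."""
    findings = []
    for path, values in parse_reg_export(text).items():
        _, _, rel = path.partition("\\")             # strip the HKEY_* root
        rel = rel.lower()
        if rel in RUN_KEYS:
            for name, cmd in values.items():
                if isinstance(cmd, str) and is_suspicious_command(cmd):
                    findings.append(("autorun", name, cmd))
        elif rel == ADVANCED_KEY:
            for name, bad in HIDE_SETTINGS.items():
                if values.get(name) == bad:
                    findings.append(("explorer", name, bad))
    return findings


# Constructed export, not a real capture.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"mJJdz99"="C:\\Users\\victim\\AppData\\Roaming\\mJJdz99.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000002
"ShowSuperHidden"=dword:00000000
"HideFileExt"=dword:00000001
'''

if __name__ == "__main__":
    for finding in triage(SAMPLE_REG):
        print(*finding)
```

On the constructed export the script reports the AppData autorun entry and both Explorer values, and leaves the OneDrive entry alone because it runs from Program Files. After removal, re-export the same keys and confirm the findings list is empty.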

How to identify Malware.AI.1780928237?

File Info:

name: E978E4020176C05B15B6.mlw
path: /opt/CAPEv2/storage/binaries/bfd11636cf41a7b6dfcda3ef196d488aaee3b8b155d9199eca5ca37a8f361a9b
crc32: 701B2A52
md5: e978e4020176c05b15b6c8ffbec8f6c7
sha1: 4f1b5e5f9ec87646cc1bd96580483b47bc414d6f
sha256: bfd11636cf41a7b6dfcda3ef196d488aaee3b8b155d9199eca5ca37a8f361a9b
sha512: c384b1a950a96ed6f7839b28dcb6f7d119964ee9f74ae02901700bd5f7bcf74bb39719e5658c60563ffcf850d0fd3844871feb40e35c6b9997f6f2a3178f1708
ssdeep: 1536:ScMceHQgnRt9UdLw6BNMyBhXZxHJ6P6D5DJ:Pgz07JjD5D
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13043B26A7385182ADB0CB23536A7C7EB2AD7748E074F4A4367B823799C24F512D12F53
sha3_384: b774bbaa41d3625930a88134afe1c9aae938800581e8f75fc573d6e924f864bdecbaebb3c32ed7265518275f18206f51
ep_bytes: 6880114000e8f0ffffff000000000000
timestamp: 2010-12-28 13:10:07

Version Info:

Translation: 0x0409 0x04b0
CompanyName: UserXP
ProductName: 4322VBRUN
FileVersion: 3.42
ProductVersion: 3.42
InternalName: mJJdz99
OriginalFilename: mJJdz99.exe
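The fields in the File Info block are what you compare against when deciding whether a file on a host is this sample. The script below is an added example, not GridinSoft's or CAPE's code: it computes the hashes that need only the Python standard library (crc32, md5, sha1, sha256, sha512, sha3_384; ssdeep and tlsh need third-party libraries), reads the TimeDateStamp and entry-point RVA from the PE headers, and decodes the ep_bytes shown above. Those ten bytes, `68 80 11 40 00 E8 F0 FF FF FF`, are `push 0x401180; call -0x10`: the stub the Visual Basic 6 linker emits, which pushes the address of the VB header and calls MSVBVM60!ThunRTMain through a 6-byte jump thunk placed right before the entry point. That matches the VB, VBNA and VBKrypt names in the detection list. The PE used for testing is a constructed header-only image, not the real file; the sha256 constant is the one on the page. Treating the timestamp as UTC is an assumption.

```python
"""Reproduce the File Info fingerprints above with the standard library.

Added example, not GridinSoft's or CAPE's code. It computes the hashes that
need no third-party module (crc32, md5, sha1, sha256, sha512, sha3_384),
reads TimeDateStamp and AddressOfEntryPoint from the PE headers, and decodes
the 10-byte entry stub shown in ep_bytes. ssdeep and tlsh need external
libraries and are omitted. The PE below is a constructed header-only sample,
not the real file; the real sha256 is the one listed on the page.
"""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

KNOWN_SHA256 = "bfd11636cf41a7b6dfcda3ef196d488aaee3b8b155d9199eca5ca37a8f361a9b"
PAGE_EP_BYTES = "6880114000e8f0ffffff000000000000"


def hashes(data: bytes) -> dict:
    """Hex digests in the spelling CAPE prints (crc32 upper-case, rest lower)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def matches_known_sample(data: bytes) -> bool:
    """True if the bytes are exactly the sample this page describes."""
    return hashlib.sha256(data).hexdigest() == KNOWN_SHA256


def pe_header_info(data: bytes) -> dict:
    """Read the fields behind 'timestamp' and 'ep_bytes' from the PE headers."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, ...
    machine, _nsect, stamp = struct.unpack_from("<HHI", data, e_lfanew + 4)
    opt = e_lfanew + 24                       # optional header after 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    return {
        "machine": machine,                   # 0x14C = Intel 80386, as on the page
        "is_pe32": magic == 0x10B,
        # CAPE prints the stamp as a date; interpreted as UTC here (assumption).
        "timestamp": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_rva": entry_rva,
    }


def decode_entry_stub(ep_bytes_hex: str) -> dict:
    """Decode 'push imm32; call rel32' at the entry point.

    This is the stub the Visual Basic 6 linker emits: push the address of the
    VB header, then call MSVBVM60!ThunRTMain through a 6-byte jmp thunk that
    sits right before the entry point (hence call_target_offset == -6).
    """
    code = bytes.fromhex(ep_bytes_hex)
    if code[0] != 0x68 or code[5] != 0xE8:
        raise ValueError("not a push/call stub")
    push_imm = struct.unpack_from("<I", code, 1)[0]
    call_rel = struct.unpack_from("<i", code, 6)[0]
    return {"push_imm": push_imm, "call_rel": call_rel, "call_target_offset": 10 + call_rel}


def build_sample_pe(stamp: int, entry_rva: int) -> bytes:
    """Constructed header-only PE32 image for exercising the parser (not the real file)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, stamp, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)     # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


# Same TimeDateStamp as the page's 2010-12-28 13:10:07 (epoch 1293541807).
SAMPLE_PE = build_sample_pe(1293541807, 0x1000)

if __name__ == "__main__":
    print(pe_header_info(SAMPLE_PE))
    print(decode_entry_stub(PAGE_EP_BYTES))
    print("known sample:", matches_known_sample(SAMPLE_PE), hashes(SAMPLE_PE)["sha256"])
```

To check a real file, read it with `open(path, "rb").read()` and compare `hashes(...)["sha256"]` with the value on the page; the compile timestamp and entry stub are weaker evidence, since every VB6 binary carries the same stub and timestamps are trivially forged.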

Malware.AI.1780928237 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Symmi.719
FireEye: Generic.mg.e978e4020176c05b
CAT-QuickHeal: Worm.VbnaMF.S22387683
Malwarebytes: Malware.AI.1780928237
K7AntiVirus: Trojan ( 001e96331 )
K7GW: Trojan ( 001e96331 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: AI:Packer.123AFE6920
VirIT: Trojan.Win32.Shiru.AY
Cyren: W32/VB.BT.gen!Eldorado
Symantec: W32.Changeup!gen10
tehtris: Generic.Malware
ESET-NOD32: Win32/AutoRun.VB.XY
Baidu: Win32.Worm.AutoRun.cj
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.VBNA.brmq
BitDefender: Gen:Variant.Symmi.719
NANO-Antivirus: Trojan.Win32.VB.cooocg
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
Tencent: Worm.Win32.Vbna.zf
Ad-Aware: Gen:Variant.Symmi.719
Emsisoft: Gen:Variant.Symmi.719 (B)
Comodo: TrojWare.Win32.VB.XYT@59rakd
F-Secure: Trojan:W32/Vbkrypt.D
DrWeb: Win32.HLLW.Autoruner.40364
TrendMicro: WORM_VOBFUS.SMIA
Sophos: ML/PE-A + Mal/SillyFDC-I
Jiangmin: Trojan/VBKrypt.hart
Avira: TR/Dropper.Gen
Antiy-AVL: Worm/Win32.WBNA.gen
Arcabit: Trojan.Symmi.719
ViRobot: Trojan.Win32.Generic.57344.H
TACHYON: Trojan/W32.VB-Agent.57344.LW
AhnLab-V3: Malware/Win32.Changeup.R2716
Acronis: suspicious
VBA32: SScope.Trojan.VBRA.9611
MAX: malware (ai score=89)
TrendMicro-HouseCall: WORM_VOBFUS.SMIA
Yandex: Trojan.VBKrypt.Gen.8
SentinelOne: Static AI – Malicious PE
MaxSecure: Worm.Worm.W32.VBNA.brmq
Fortinet: W32/VBKrypt.AGW!tr
Panda: Generic Malware

How to remove Malware.AI.1780928237?

Malware.AI.1780928237 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
