Malware.AI.18161254 removal

Malware.AI.18161254 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.18161254 virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid

How to identify Malware.AI.18161254?


File Info:

name: 8413B74248B996CEAF34.mlw
path: /opt/CAPEv2/storage/binaries/64d810169d350fbc9af88da3e30e944b239bcd5157b0632995ebea6d8309e566
crc32: 6230C7F3
md5: 8413b74248b996ceaf343d0a9abbdc03
sha1: 11cb9ca272bf92832e4899598d51f2674130301a
sha256: 64d810169d350fbc9af88da3e30e944b239bcd5157b0632995ebea6d8309e566
sha512: d88a08c52abb2ce752df91750ebbe670ca906d0be4ef77c0c0898889802f8f4885ffa0b401a04177dc43157c9ff2a937353b986452789922bc3e2d49329f83e9
ssdeep: 96:MN6nuW/gOkwJ/X8qhmHEZm2tGEzcsGqbyVHtxh1C/dPc9g+eRgv:M4d8u28UEQFqANbc/d0gho
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F372E813DE494832DA3A00B124F617309975D0B14BF6A267BFA5CFB5BF62131971A40F
sha3_384: f7c3889fb01ad037e2a9e5fd2f39948dc3a4dd316083b19e13b05823834cda7a839436e94ad1c9447eb8963fd4fa63a6
ep_bytes: e8cb070000e86607000033c0c3909090
timestamp: 2016-03-02 15:21:16

Version Info:

0: [No Data]

Malware.AI.18161254 also known as:

Bkav                  W32.AIDetect.malware1
Lionic                Trojan.Win32.Scar.luuu
Elastic               malicious (high confidence)
MicroWorld-eScan      Gen:Variant.Fugrafa.157688
CAT-QuickHeal         Trojan.Sigmal.S304734
McAfee                GenericRXEG-KG!8413B74248B9
Cylance               Unsafe
Sangfor               Suspicious.Win32.Save.a
K7AntiVirus           Trojan ( 0052964f1 )
Alibaba               Trojan:Win32/AddUser.1792121a
K7GW                  Trojan ( 0052964f1 )
Cybereason            malicious.248b99
Cyren                 W32/Trojan.FICK-3048
Symantec              ML.Attribute.HighConfidence
ESET-NOD32            a variant of Win32/AddUser.BN
APEX                  Malicious
Paloalto              generic.ml
ClamAV                Win.Malware.Bavs-6804154-0
Kaspersky             Trojan.Win32.AddUser.lt
BitDefender           Gen:Variant.Fugrafa.157688
NANO-Antivirus        Trojan.Win32.User.eynuvz
Avast                 Win32:Malware-gen
Tencent               Win32.Trojan.Adduser.Dxmh
Ad-Aware              Gen:Variant.Fugrafa.157688
Sophos                Mal/Generic-S
DrWeb                 Trojan.Adduser.298
TrendMicro            TROJ_GEN.R002C0PKN21
McAfee-GW-Edition     BehavesLike.Win32.Generic.lz
FireEye               Generic.mg.8413b74248b996ce
Emsisoft              Gen:Variant.Fugrafa.157688 (B)
SentinelOne           Static AI – Malicious PE
GData                 Gen:Variant.Fugrafa.157688
Jiangmin              Trojan/StartPage.pea
Avira                 TR/Crypt.XPACK.Gen
MAX                   malware (ai score=84)
Antiy-AVL             Trojan/Generic.ASMalwS.2A1D55F
Gridinsoft            Ransom.Win32.Sabsik.sa
Microsoft             Trojan:Win32/Sabsik.FL.B!ml
Cynet                 Malicious (score: 100)
AhnLab-V3             Malware/Win32.Generic.C2380550
Acronis               suspicious
BitDefenderTheta      Gen:NN.ZexaCO.34294.biW@aijx09d
ALYac                 Gen:Variant.Fugrafa.157688
VBA32                 Trojan.AddUser
Malwarebytes          Malware.AI.18161254
TrendMicro-HouseCall  TROJ_GEN.R002C0PKN21
Rising                Ransom.Adduser!1.D7C6 (CLASSIC)
Yandex                Trojan.GenAsa!WWgo9W0piLo
Ikarus                Worm.Win32.Vercuser
eGambit               Unsafe.AI_Score_95%
Fortinet              W32/AddUser.BN!tr
AVG                   Win32:Malware-gen
Panda                 Trj/CI.A
CrowdStrike           win/malicious_confidence_100% (W)
MaxSecure             Trojan.Malware.300983.susgen

How to remove Malware.AI.18161254?

Malware.AI.18161254 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
