Malware.AI.1851860220 removal instructions

Malware.AI.1851860220 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1851860220 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify Malware.AI.1851860220?

File Info:

name: A24FB5EC3C2EFC674913.mlw
path: /opt/CAPEv2/storage/binaries/810bd6654e02307163d5344bee6ae5390138b4e4c0f7cc6474dbb629ee9a247d
crc32: DD2FE1AF
md5: a24fb5ec3c2efc674913ee520c42b9df
sha1: 8b41ce45bd08eaa531a2be1939aa902685766823
sha256: 810bd6654e02307163d5344bee6ae5390138b4e4c0f7cc6474dbb629ee9a247d
sha512: 040a1aa165f216af73e8098b3a4bad078bf4ae81806664338141324f0417ea7e553dbd79aa2d7ff1cf3cda6a68335a3736c20beb79980c75e4f84ce9226a1d86
ssdeep: 6144:xLCqJqmINTgx7q+F5Mk5A9YMK/euuWlgwY:MqJtIU5HhGuuWlTY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13F646C40BBC28CB1EA5E45784CB2D356263DFDF90B22CFA366F45E170B645C11EA3292
sha3_384: 1d2b1ddb0ae2e22daa120c8f1de68c05127f76d73c156d6ac740afc1da934d5bdbd3a2927a264ae0e172cef739cd74fb
ep_bytes: e8c92d0000e9000000006a1468b86c42
timestamp: 2018-12-07 17:08:26

Version Info:

LegalCopyright: Copyright (c) 2014 - . All rights reserved. AVAST Software
FileDescription: 400s Freedom Plate Soi Next
OriginalFilename: Kohangas.exe
InternalName: Kohangas
Assembly Version: 5.6.4.5
LegalTrademarks: Copyright (c) 2014 - . All rights reserved. AVAST Software
CompanyName: AVAST Software
PrivateBuild: 5.6.4.5
Comments: 400s Freedom Plate Soi Next
Languages: English
ProductName: Kohangas
FileVersion: 5.6.4.5
ProductVersion: 5.6.4.5
Translation: 0x0409 0x04b0

Malware.AI.1851860220 also known as:

Lionic: Trojan.Win32.Yakes.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Jaik.35167
FireEye: Generic.mg.a24fb5ec3c2efc67
ALYac: Gen:Variant.Jaik.35167
Malwarebytes: Malware.AI.1851860220
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005434591 )
Alibaba: Trojan:Win32/Yakes.7874764d
K7GW: Trojan ( 005434591 )
CrowdStrike: win/malicious_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZexaF.34182.tq0@a0EEzvki
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.CTMA
TrendMicro-HouseCall: Mal_MiliCry-1c
Paloalto: generic.ml
ClamAV: Win.Malware.Generickdz-6907156-0
Kaspersky: Trojan.Win32.Yakes.ygor
BitDefender: Gen:Variant.Jaik.35167
NANO-Antivirus: Trojan.Win32.Yakes.fkzxqf
Avast: FileRepMalware
Tencent: Win32.Trojan.Yakes.Ljtv
Ad-Aware: Gen:Variant.Jaik.35167
Emsisoft: Gen:Variant.Jaik.35167 (B)
Comodo: Malware@#3uvzl8pver4xt
DrWeb: Trojan.DownLoader27.19117
Zillya: Adware.Yakes.Win32.124
TrendMicro: Mal_MiliCry-1c
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Malicious PE
APEX: Malicious
Jiangmin: Trojan.Yakes.afxn
Avira: HEUR/AGEN.1125216
Antiy-AVL: Trojan/Generic.ASMalwS.29C34C4
Microsoft: Trojan:Win32/Occamy.C81
ViRobot: Trojan.Win32.Z.Yakes.312832
GData: Gen:Variant.Jaik.35167
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.MalCrypted.R248474
Acronis: suspicious
McAfee: Artemis!A24FB5EC3C2E
VBA32: BScope.Trojan.Agentb
Cylance: Unsafe
Rising: Trojan.GenKryptik!8.AA55 (CLOUD)
Yandex: Trojan.Yakes!jh5wivYzILQ
Fortinet: W32/GenKryptik.CTLQ!tr
AVG: FileRepMalware
Panda: Trj/CI.A

How to remove Malware.AI.1851860220?

Malware.AI.1851860220 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
