
Should I remove “Malware.AI.1924577533”?


Malware.AI.1924577533 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1924577533 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.1924577533?


File Info:

name: F54EBB15D7AE8117DB71.mlw
path: /opt/CAPEv2/storage/binaries/2c1a7eaed17cb2bacb47bd8e7d56a963f5a1975f909ed002b7b82acb2dfb95ec
crc32: 5F818CD0
md5: f54ebb15d7ae8117db71c6aed5fefc9f
sha1: c6ddb4eb8895fc772e4bacb7981fe491b4019840
sha256: 2c1a7eaed17cb2bacb47bd8e7d56a963f5a1975f909ed002b7b82acb2dfb95ec
sha512: 035277775dc05a68722d9b16ce2e40855f8dc4de8ac982b6ed84eb7f804d39a31cf91c6e5a601b61d08dfef1524a8d82b761054888b6a4f1b224a91627d5a37f
ssdeep: 24576:+TXDCLUbMHo48BFV4djZShxvBoe+L5LTNraIM2zFZcHBaHp6Ed8X2VT:+TTKyExPdlOq5fNrfM2IByjS2V
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E67523367BD7864ED2039E7D05A75F3864ACDE8C3E5ACF9293767928D334A751C022A0
sha3_384: f2f2c5c496ed9e19e6b7b9ea89fb1dfd4798a0242fe8dffdd42c76781ba34f0d7f1b2a021a8e4498b20ccfb95990e48e
ep_bytes: 60be00c072008dbe0050cdff5789e58d
timestamp: 2022-04-04 10:47:05

Version Info:

CompanyName: Zhuhai Kingsoft Office Software Co.,Ltd
FileDescription: WPS Office
FileVersion: 11,1,0,11365
InternalName: ksolaunch
LegalCopyright: Copyright©2022 Kingsoft Corporation. All rights reserved.
OriginalFilename: ksolaunch.exe
ProductName: WPS Office
ProductVersion: 11,1,0,11365
MIMEType:
Translation: 0x0000 0x04b0

Malware.AI.1924577533 also known as:

tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Tedy.150005
FireEye: Gen:Variant.Tedy.150005
ALYac: Gen:Variant.Tedy.150005
K7AntiVirus: Trojan ( 0059380b1 )
BitDefenderTheta: Gen:NN.ZelphiF.34646.MnKfaWLz3Dki
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/QQWare.DM
TrendMicro-HouseCall: TROJ_GEN.R011C0PIC22
BitDefender: Gen:Variant.Tedy.150005
NANO-Antivirus: Trojan.Win32.DownLoad4.jpbucg
Cynet: Malicious (score: 99)
Avast: FileRepMalware [Trj]
Ad-Aware: Gen:Variant.Tedy.150005
Emsisoft: Gen:Variant.Tedy.150005 (B)
DrWeb: Trojan.DownLoad4.14865
VIPRE: Gen:Variant.Tedy.150005
TrendMicro: TROJ_GEN.R011C0PIC22
McAfee-GW-Edition: GenericRXTJ-LM!8D57AB325B2F
SentinelOne: Static AI – Suspicious PE
Trapmine: malicious.high.ml.score
APEX: Malicious
GData: Gen:Variant.Tedy.150005
Avira: TR/QQTen.mquyg
Antiy-AVL: Trojan/Generic.ASMalwS.5406
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Malware/Win.Generic.C5115636
McAfee: GenericRXTJ-LM!8D57AB325B2F
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Hesv
Malwarebytes: Malware.AI.1924577533
Rising: Stealer.QQPass!1.DE10 (CLOUD)
Ikarus: Trojan.Win32.QQWare
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/QQWare.DM!tr
AVG: FileRepMalware [Trj]

How to remove Malware.AI.1924577533?

Malware.AI.1924577533 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
