Malware

Malware.AI.1927514073 removal

Malware Removal

The Malware.AI.1927514073 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.1927514073 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Creates a copy of itself
  • Deletes executed files from disk
  • Created a service that was not started

How to determine Malware.AI.1927514073?



File Info:

name: 3FBA0B00620397A99095.mlw
path: /opt/CAPEv2/storage/binaries/2ffd80bc4a5d55de83e3d40eb294ec0f7222fa426d39fceca776de01f235aa9a
crc32: 75698DB0
md5: 3fba0b00620397a990956405175abe71
sha1: 5fa063d21d31dd3c45cf733a18a92ec15861ad37
sha256: 2ffd80bc4a5d55de83e3d40eb294ec0f7222fa426d39fceca776de01f235aa9a
sha512: 732adb5159576039ad180c5c184b3948fcbba9714783ec4616b55ffd4ccb037d6778befcfcddd8dcee9b53f83716475e7683364240cb8b14a2d624792f10641e
ssdeep: 12288:Y6lg9NZK9jbrW5AwGwHDx1fKIRnRvVtO2tjvP5cU7MoScS/dlIeiL8Kq:X+969/rW5AjixFpRvjO2tRXWji
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T154057E23F6919437D1732B38DC2B9355582ABF102E28A84B2BF41D5C9F797813D2A2D7
sha3_384: d5779e726c66cb0c9fd4d890507754a232656c5cad4eb5e248f59d5f75e8343ac44c918dd3d9641d4289faf5a7c956dd
ep_bytes: 558becb9040000006a006a004975f990
timestamp: 1992-06-19 22:22:17


Version Info:

CompanyName: Tencent
FileVersion: 4, 20, 0, 19
InternalName: TTraveler.exe
LegalCopyright: Copyright (C) 2005-2009 TENCENT Inc. All Rights Reserved
OriginalFilename: TTraveler.exe
ProductName: Tencent Traveler
ProductVersion: 4, 20, 0, 19
Translation: 0x0409 0x04e4

Malware.AI.1927514073 also known as:

BkavW32.AIDetect.malware1
LionicTrojan.Win32.Hupigon.l2g7
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Fugrafa.7307
FireEyeGeneric.mg.3fba0b00620397a9
ALYacGen:Variant.Fugrafa.7307
CylanceUnsafe
VIPREGen:Variant.Fugrafa.7307
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 7000000f1 )
AlibabaBackdoor:Win32/Hupigon.a0fb6b09
K7GWTrojan ( 7000000f1 )
Cybereasonmalicious.062039
BitDefenderThetaGen:NN.ZelphiF.34698.XO0@a8alJ1ib
VirITPacked.Win32.PePatch.KO
CyrenW32/Hupigon.AJ.gen!Eldorado
SymantecTrojan.Gen.2
ESET-NOD32a variant of Win32/Hupigon
TrendMicro-HouseCallTROJ_AGENT_049690.TOMB
Paloaltogeneric.ml
ClamAVWin.Trojan.Hupigon-9968338-0
KasperskyBackdoor.Win32.Hupigon.odgd
BitDefenderGen:Variant.Fugrafa.7307
NANO-AntivirusTrojan.Win32.Hupigon.dgcdwt
CynetMalicious (score: 100)
AvastWin32:Hupigon-OSE [Trj]
TencentWin32.Backdoor.Hupigon.Wwhl
Ad-AwareGen:Variant.Fugrafa.7307
EmsisoftGen:Variant.Fugrafa.7307 (B)
ComodoBackdoor.Win32.vanbot.a02asd@4jxf0a
F-SecureBackdoor:W32/Hupigon.OKA
DrWebBackDoor.Pigeon.41464
ZillyaBackdoor.Hupigon.Win32.99209
TrendMicroTROJ_AGENT_049690.TOMB
McAfee-GW-EditionBehavesLike.Win32.Autorun.bh
SentinelOneStatic AI – Malicious PE
Trapminemalicious.high.ml.score
SophosMal/Hupig-AK
APEXMalicious
JiangminBackdoor/Hupigon.ovk
WebrootW32.Bifrose.Gen
AviraDR/Patched.Ren.Gen
Antiy-AVLTrojan/Generic.ASCommon.4C
KingsoftWin32.Hack.Huigezi.rs.(kcloud)
MicrosoftTrojan:Win32/Skeeyah.A!rfn
ArcabitTrojan.Fugrafa.D1C8B
ViRobotBackdoor.Win32.Hupigon.812032.F
GDataWin32.Trojan.PSE.14IIXYG
GoogleDetected
AhnLab-V3Win-Trojan/Hupigon.Gen
Acronissuspicious
McAfeeBackDoor-EME
MAXmalware (ai score=100)
VBA32OScope.Backdoor.Hupigon.axbr
MalwarebytesMalware.AI.1927514073
RisingBackdoor.Hupigon!1.A04C (CLASSIC)
YandexTrojan.GenAsa!F5fD4KJqwfc
IkarusBackdoor.Win32.Hupigon
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Hupigon.OSE!tr.bdr
AVGWin32:Hupigon-OSE [Trj]
PandaGeneric Malware
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Malware.AI.1927514073?

Malware.AI.1927514073 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment