Malware.AI.1956204754 malicious file

Malware.AI.1956204754 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1956204754 virus do?

  • Uses Windows utilities for basic functionality
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • CAPE detected the shellcode get eip malware family
  • Deletes executed files from disk
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.1956204754?

File Info:

name: A254ADD80291AAE56514.mlw
path: /opt/CAPEv2/storage/binaries/ad46a209dc0367b453912190f98d9248d1f155b6ad41a6058b297909df9f5207
crc32: 17AD7944
md5: a254add80291aae56514dfe2715d409d
sha1: b708ebecaf29fc1f287386bd917f05cce20cb0bc
sha256: ad46a209dc0367b453912190f98d9248d1f155b6ad41a6058b297909df9f5207
sha512: e97b55ac46cb3236cc90f93f09ef53dde6f90ca8aa091e13c3139fb690195cdc2b4fa7cd3bbf9a79689db40bf7414550bc90d6c4dff3f1105431dd66f7eb5b9c
ssdeep: 12288:X2EKZ5cibfrzdfDQnWTa1wN93WWUaA7IcmJdDuDyXf3vPG9WZ1fXq5oS:X2EKnRbdfU44wMEcmjuDyXvvPrl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16AF423BFA2ECE585D58B647BDC893FD3587D5A148A8861CE345CC2B0F5D00F5C8A682B
sha3_384: adb92e0b5f4af3fcecba395bcd6552eafb251fdecad61427c9c1c5c742f2d7b65bf3ddeb42a8d59ecb6fa7ca02de528c
ep_bytes: 60be15f056008dbeeb1fe9ff5789e58d
timestamp: 2009-02-07 06:33:08

Version Info:

0: [No Data]

Malware.AI.1956204754 also known as:

Bkav: W32.Common.4885C690
Lionic: Trojan.Win32.Generic.4!c
Skyhigh: BehavesLike.Win32.Generic.bc
Malwarebytes: Malware.AI.1956204754
Sangfor: Trojan.Win32.Agent.V75f
CrowdStrike: win/malicious_confidence_60% (W)
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
Kaspersky: UDS:DangerousObject.Multi.Generic
Avast: Win32:Malware-gen
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.a254add80291aae5
SentinelOne: Static AI – Suspicious PE
Antiy-AVL: Trojan/Win32.Agent
Kingsoft: Win32.Troj.Unknown.a
Xcitium: Malware@#2uxicn1wdse5l
ZoneAlarm: UDS:DangerousObject.Multi.Generic
McAfee: RDN/generic.dx
VBA32: BScope.Trojan.Patched
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CA924
Rising: Trojan.Generic@AI.100 (RDML:ZRlhONttE/Ml8E0ETrteTQ)
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Malware-gen
Cybereason: malicious.caf29f
DeepInstinct: MALICIOUS

How to remove Malware.AI.1956204754?

Malware.AI.1956204754 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
