
Malware.AI.1957048519 information

Malware.AI.1957048519 is the name Malwarebytes' detection engine gives this file; most other vendors flag it as a Trojan as well, several of them under the FakeTao family name (see the list of detection names below). While the infection is active you may notice unfamiliar processes in Task Manager. If so, scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and, if the wrong file is deleted, can damage Windows itself. We recommend GridinSoft Anti-Malware for removal; the trial period lets you run a full scan and clean the PC.
6-day free trial available.

What can Malware.AI.1957048519 do?

  • Behavioural detection: executable code extraction (unpacking)
  • Sample contains overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name, indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: injection (inter-process)
  • Touches a file containing cookies, possibly for information gathering

These are signatures raised by the CAPEv2 sandbox (the storage path under File Info is CAPE's binary store): a mix of static properties of the file (overlay, section names, signature, resource language) and behaviour observed while the sample ran. The inter-process injection matters for cleanup: code the sample has placed in other processes stays active until those processes exit, so deleting the file on disk alone is not enough.

How to identify Malware.AI.1957048519

File Info:

name: D20851E0FEF3D5CFC9B9.mlw
path: /opt/CAPEv2/storage/binaries/360edd01a9f3b40d3605c4734de8417685e477477333f9763cfd3d109fa7ee3a
crc32: 76E53541
md5: d20851e0fef3d5cfc9b9447f40931e93
sha1: f36087dddf5542c282946f163ed2b316ab6e13dd
sha256: 360edd01a9f3b40d3605c4734de8417685e477477333f9763cfd3d109fa7ee3a
sha512: 7b55e3b7a8a7fc7815cca2887663139e57f31d3a057220105e41e5fe603f8c7a38b944c799796f4ae2641df9cb82719e297a96ae5c5ffc76f5a32292a13e5a69
ssdeep: 12288:q0IiWr9oPF5X5nheQuzGEcMecuq0DZ5dmJTBYz3Uv:q0Ip25nhebjc/cuzZvs
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A6D47E33F1F18437D1B22B7C9D6BA399982A7D102D38984EBBE41D4C4F3A6513A252D7
sha3_384: e30f5043da103b2b48d8488654d334bdb6924cf4b48e5405787d60f5ec35c60b301dee9c948bac12404d856f205a4e3c
ep_bytes: 558bec83c4f0b8c0284800e87443f8ff
timestamp: 1992-06-19 22:22:17
The entry bytes disassemble to push ebp / mov ebp,esp / add esp,-0x10 / mov eax,0x4828c0 / call rel32, the standard Delphi program prologue, and the timestamp is 0x2A425E19, the fixed value Delphi's linker writes into every binary, so it is not a real build date. Both agree with the Win32/Delf names ESET and Varist give the file below.
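
The static checks behind several of the indicators above can be reproduced without a sandbox. The following script is an added example and is not code from this page, from GridinSoft or from CAPEv2: it parses the PE headers with the standard library only, reports overlay data, section names outside the usual compiler set, the entry-point bytes and the fixed Delphi timestamp, and compares the file's MD5/SHA-1/SHA-256 against the hashes listed under File Info. The PE it runs on is a constructed stub built in `build_sample_pe()`, not the real sample, so the hash comparison is expected to come back false there.

```python
"""Static PE triage with the standard library only.

Added example, not code from the page, GridinSoft or CAPEv2.  It reproduces
the static checks behind several indicators above (overlay data, unusual
section names, entry-point bytes, the fixed Delphi link timestamp) and
compares the file's hashes with the File Info IOCs.  Runs on a constructed
stub PE, not on the real sample.
"""
import hashlib
import struct
from datetime import datetime, timezone

DELPHI_TIMESTAMP = 0x2A425E19   # 1992-06-19 22:22:17 UTC, written by Delphi linkers
KNOWN_HASHES = {                # hashes quoted in File Info above (real IOCs)
    "md5": "d20851e0fef3d5cfc9b9447f40931e93",
    "sha1": "f36087dddf5542c282946f163ed2b316ab6e13dd",
    "sha256": "360edd01a9f3b40d3605c4734de8417685e477477333f9763cfd3d109fa7ee3a",
}
# Names MSVC, GCC/MinGW and Delphi normally emit; anything else is a packer hint.
COMMON_SECTIONS = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
                   ".bss", ".tls", ".CRT", ".pdata", ".xdata", "CODE", "DATA", "BSS"}
MACHINES, SUBSYSTEMS = {0x14C: "Intel 80386", 0x8664: "x86-64"}, {2: "GUI", 3: "console"}


def parse_pe(data: bytes) -> dict:
    """Read the COFF header, the optional-header fields needed here and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                 # optional header: Magic@0, EntryPoint@16, Subsystem@68
    magic, = struct.unpack_from("<H", data, opt)
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    subsystem, = struct.unpack_from("<H", data, opt + 68)
    sections = []
    for i in range(nsec):           # each IMAGE_SECTION_HEADER is 40 bytes
        name, vsize, va, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "va": va,
                         "vsize": vsize, "raw_ptr": rawptr, "raw_size": rawsize})
    return {"machine": machine, "timestamp": ts, "magic": magic, "entry_rva": entry_rva,
            "subsystem": subsystem, "sections": sections}


def rva_to_offset(pe: dict, rva: int):
    """Map an RVA to a file offset via the section table; None if no section covers it."""
    for s in pe["sections"]:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["raw_size"]):
            return rva - s["va"] + s["raw_ptr"]
    return None


def triage(data: bytes) -> dict:
    """Run the static checks and return one flat report."""
    pe = parse_pe(data)
    end_of_sections = max((s["raw_ptr"] + s["raw_size"] for s in pe["sections"]), default=0)
    ep_off = rva_to_offset(pe, pe["entry_rva"])
    ep_bytes = data[ep_off:ep_off + 16].hex() if ep_off is not None else ""
    return {
        "type": "%s executable (%s) %s" % ("PE32+" if pe["magic"] == 0x20B else "PE32",
                                          SUBSYSTEMS.get(pe["subsystem"], "other"),
                                          MACHINES.get(pe["machine"], hex(pe["machine"]))),
        "timestamp": datetime.fromtimestamp(pe["timestamp"], tz=timezone.utc)
                             .strftime("%Y-%m-%d %H:%M:%S"),
        "delphi_fixed_timestamp": pe["timestamp"] == DELPHI_TIMESTAMP,
        "overlay_bytes": max(0, len(data) - end_of_sections),   # bytes past the last section
        "unusual_sections": [s["name"] for s in pe["sections"] if s["name"] not in COMMON_SECTIONS],
        "ep_bytes": ep_bytes,
        # 55 8B EC 83 C4 F0 B8 = push ebp / mov ebp,esp / add esp,-0x10 / mov eax,imm32,
        # the stock Delphi program prologue seen in the ep_bytes listed above.
        "delphi_entry_stub": ep_bytes.startswith("558bec83c4f0b8"),
        "hash_matches": {a: hashlib.new(a, data).hexdigest() == h for a, h in KNOWN_HASHES.items()},
    }


def build_sample_pe() -> bytes:
    """Constructed PE32 stub (not the real file): Delphi timestamp, the entry bytes quoted
    on the page, one packer-style section name and 64 bytes of overlay."""
    secs = [(b"CODE", 0x1000, 0x200, 0x60000020),   # (name, RVA, raw offset, characteristics)
            (b"DATA", 0x2000, 0x400, 0xC0000040),
            (b"UPX1", 0x3000, 0x600, 0xE0000060)]
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)                # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), DELPHI_TIMESTAMP, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                                # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                              # entry point -> CODE
    struct.pack_into("<IIII", opt, 28, 0x400000, 0x1000, 0x200, 0)       # base, alignments
    struct.pack_into("<II", opt, 56, 0x4000, 0x200)                      # SizeOfImage/Headers
    struct.pack_into("<H", opt, 68, 2)                                   # GUI subsystem
    struct.pack_into("<I", opt, 92, 16)                                  # NumberOfRvaAndSizes
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, rva, 0x200, ptr, 0, 0, 0, 0, ch)
                     for n, rva, ptr, ch in secs)
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + table).ljust(0x200, b"\0")
    code = bytes.fromhex("558bec83c4f0b8c0284800e87443f8ff").ljust(0x200, b"\xcc")
    body = code + b"\0" * 0x200 + b"\x90" * 0x200                        # DATA and UPX1 raw data
    overlay = b"OVERLAY:" + b"\xde\xad\xbe\xef" * 14                     # 64 bytes past the sections
    return headers + body + overlay


if __name__ == "__main__":
    import json
    print(json.dumps(triage(build_sample_pe()), indent=2))
```

To run it against a real file, call `triage(open(path, "rb").read())` inside an isolated analysis VM; on the sample described on this page the hash comparison, the Delphi timestamp flag and a non-zero overlay count are the results to expect, given the indicators CAPE reported. The overlay measurement is the simplest of these checks and also the one packers and droppers most often trip, because anything appended past the last section's raw data is invisible to the loader and therefore a convenient place to hide a payload or configuration.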

Version Info:

CompanyName: Leawo Software Co., Ltd.
FileDescription:
FileVersion: 1.0.0.3
InternalName:
LegalCopyright: Copyright 2006-2009 Leawo Software Co., Ltd.
LegalTrademarks:
OriginalFilename:
ProductName:
ProductVersion: 1.0
Translation: 0x0804 0x03a8 (language ID 0x0804 = Chinese (Simplified), code page 0x03a8 = 936; this is what the "unconventional language" indicators above refer to)
The version resource is plain data written by whoever built the file; since the Authenticode signature is invalid, the Leawo Software name does not establish who actually produced it.

Malware.AI.1957048519 also known as:

Lionic: Trojan.Win32.FakeTao.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.6209770
FireEye: Generic.mg.d20851e0fef3d5cf
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.jh
McAfee: Artemis!D20851E0FEF3
Cylance: unsafe
Zillya: Trojan.FakeTao.Win32.30
Sangfor: Trojan.Win32.Agent.ruy
K7AntiVirus: Trojan ( 7000000f1 )
Alibaba: Trojan:Win32/FakeTao.156f729f
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.ddf554
BitDefenderTheta: Gen:NN.ZelphiF.36744.NG1@aytW9hfb
VirIT: Trojan.Win32.FakeTao.A
Symantec: Trojan.Gen.MBT
ESET-NOD32: Win32/Delf.QET
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Agent-531091
Kaspersky: Trojan.Win32.FakeTao.a
BitDefender: Trojan.Generic.6209770
NANO-Antivirus: Trojan.Win32.FakeTao.ckpqo
Avast: Win32:FakeTao-A [Trj]
Sophos: Mal/Generic-S
DrWeb: BackDoor.BlackHole.4567
VIPRE: Trojan.Generic.6209770
Emsisoft: Trojan.Generic.6209770 (B)
Ikarus: Trojan.SuspectCRC
GData: Trojan.Generic.6209770
Webroot: W32.Trojan.Gen
Kingsoft: malware.kb.a.967
Xcitium: Malware@#4sas62un8gfo
Arcabit: Trojan.Generic.D5EC0EA
ZoneAlarm: Trojan.Win32.FakeTao.a
Microsoft: Program:Win32/Wacapew.C!ml
Varist: W32/Delf.WGNV-0762
AhnLab-V3: Trojan/Win32.FakeTao.R27762
VBA32: Trojan.Banker.7257
ALYac: Trojan.Generic.6209770
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.1957048519
Panda: Trj/CI.A
Rising: Trojan.FakeTao!8.4940 (TFE:5:wbncGeTOG0Q)
Yandex: Trojan.CL.Agent!QqSwqK6KlTQ
MaxSecure: Trojan.Malware.2123158.susgen
Fortinet: W32/FakeTao.A!tr
AVG: Win32:FakeTao-A [Trj]
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.1957048519?

Malware.AI.1957048519 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

The restart is not optional: this sample injects into other processes, so code it has already placed in memory only goes away once those processes are gone.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
