Malware.AI.1959217757 removal

Malware.AI.1959217757 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1959217757 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Bochs through the presence of a registry key
  • Anomalous binary characteristics

How to identify Malware.AI.1959217757?


File Info:

name: 54C9F7DA26B3499464F4.mlw
path: /opt/CAPEv2/storage/binaries/c3bdddd61be78d897fdca79662afa1e255e92d900a0b63a6ada059a9630f2e39
crc32: 221B5F52
md5: 54c9f7da26b3499464f4a5bc3c9858b8
sha1: 57ff3f01bf6b0fb8a90276b9e59ff88e3a2a82cd
sha256: c3bdddd61be78d897fdca79662afa1e255e92d900a0b63a6ada059a9630f2e39
sha512: 6fb9243f16913a58848e86fb655072016d5742b1efd4f60101ae4860a80c34b092045d32fd98ca8600f70daab0fb03ae298cbeb147d6232850f5fa7e1c40ca96
ssdeep: 1536:GlEgLlg9qJdqCfyWKwZLs2FV/L7nxHHS2ByDvuf/QTwSApSLus+t:Gt54qmFW/XTFtBSvuHQTwS6SLus
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FBC3CF516A9BC462FBC5B274D8EA1EB6D7081C695A34C5FFA8B13CD92FBD233C402251
sha3_384: b1b6e16b60a7adfac8c8ddb99b254969835b136c607c974c8baf4046fa791fa8ac21df82ddc2effbc356d5c72ba38d16
ep_bytes: 60e803000000e9eb045d4555c3e80100
timestamp: 2007-01-16 03:45:10

Version Info:

Translation: 0x0804 0x04b0
CompanyName: www.fav.com.cn
ProductName: IPCFG
FileVersion: 6.01.0007
ProductVersion: 6.01.0007
InternalName: IPCFG
OriginalFilename: IPCFG.exe

Malware.AI.1959217757 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
FireEye: Generic.mg.54c9f7da26b34994
Skyhigh: BehavesLike.Win32.Generic.cm
Malwarebytes: Malware.AI.1959217757
Cybereason: malicious.1bf6b0
APEX: Malicious
Cynet: Malicious (score: 100)
NANO-Antivirus: Trojan.Win32.Clicker.eljnen
DrWeb: Trojan.Click2.44737
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A
Ikarus: Trojan-Clicker.Win32.VB
Google: Detected
Antiy-AVL: Trojan/Win32.Wacatac
Kingsoft: malware.kb.a.1000
Microsoft: Program:Win32/Wacapew.C!ml
McAfee: GenericRXAW-ZK!DDCA453C20FD
VBA32: TScope.Trojan.VB
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Malware.AI.1959217757?

Malware.AI.1959217757 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
