Malware.AI.1961122734 (file analysis)

Malware.AI.1961122734 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1961122734 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Malware.AI.1961122734?


File Info:

name: C6312AC6F40104AA8694.mlw
path: /opt/CAPEv2/storage/binaries/40fcfd78a40856e59516b0374367df049fbc1bec24ebfe4beda38f4af22074ed
crc32: B7BB4C9B
md5: c6312ac6f40104aa8694cf74ccb54427
sha1: 762b228e80ce714a164ecccf08c85ef34527abca
sha256: 40fcfd78a40856e59516b0374367df049fbc1bec24ebfe4beda38f4af22074ed
sha512: d4542e0e267600789c07c5caf562e7e321f6f81d766bddbf032d5025c32dd44d48cb34ff7602e22bc5c66cadfbd36d61e127597ffff680ede3a21fe91b9da3f1
ssdeep: 192:/8Ps7wTjVXwpsmza2Vtq+/rzsB15qR/gtEj/qD/KsVMn:UPs8TRXx+VA+/rwD5bV2
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1C632D814FBE8C526C97E16758DA343408B76F6079422DA1F1EC9A28F9E13385CA53B72
sha3_384: 6a90318d3cab1ac62b7b539f8ce538fd9614aaa9fd891cf6d28d31c6b96f174eb9444cc3618280b16181bf17cd3cf91e
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2073-10-16 11:15:14

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: dllhost
FileVersion: 1.0.0.0
InternalName: dllhost.exe
LegalCopyright: Copyright © krzys_h & loczek 2021
LegalTrademarks:
OriginalFilename: dllhost.exe
ProductName: dllhost
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.1961122734 also known as:

Lionic: Trojan.MSIL.IRCbot.4!c
MicroWorld-eScan: Trojan.GenericKD.38202022
FireEye: Trojan.GenericKD.38202022
ALYac: Trojan.GenericKD.38202022
Cylance: Unsafe
K7AntiVirus: Backdoor ( 0058b92d1 )
Alibaba: Trojan:MSIL/IRCbot.5076ae6b
K7GW: Backdoor ( 0058b92d1 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: MSIL/IRCBot.II
TrendMicro-HouseCall: TROJ_GEN.R002C0WL921
Kaspersky: HEUR:Trojan.MSIL.IRCbot.gen
BitDefender: Trojan.GenericKD.38202022
Avast: Win64:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11db8504
Ad-Aware: Trojan.GenericKD.38202022
Sophos: Mal/Generic-S
TrendMicro: TROJ_GEN.R002C0WL921
McAfee-GW-Edition: Artemis
Emsisoft: Trojan.GenericKD.38202022 (B)
Ikarus: Trojan.MSIL.IRCBot
Avira: BDS/IRCBot.xehvx
Gridinsoft: Ransom.Win64.Sabsik.sa
ViRobot: Trojan.Win32.Z.Ircbot.11280
GData: Trojan.GenericKD.38202022
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4827046
McAfee: Artemis!C6312AC6F401
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.1961122734
APEX: Malicious
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
AVG: Win64:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.1961122734?

Malware.AI.1961122734 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
