
How to remove “Malware.AI.1961790083”?


Malware.AI.1961790083 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1961790083 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Lithuanian (Classic)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the shellcode get eip malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.1961790083?


File Info:

name: F5926FEFD72A241BA911.mlw
path: /opt/CAPEv2/storage/binaries/e21cb9e3e1945ed25df512a75dac04298c99240e26b8a0960757ab0676ecdc29
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-06-04 09:18:28

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Dr. W. Kutschera
FileDescription: "Iekљzemes kopprodukts (IKP) ir valsts tautsaimnieciba gada laika saraћotais galaprodukts naudas izteiksme.
LegalCopyright: Dr. W. Kutschera et al.) took place at the IKP in the framework of the BCGS (Bonn-Cologne Graduate School)
ProductName: Dr. W. Kutschera
FileVersion: 1.00.0227
ProductVersion: 1.00.0227
InternalName: Tenmnajswish
OriginalFilename: Tenmnajswish.exe

Malware.AI.1961790083 also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:Emotet-AJ [Trj]
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Tinba.148
MicroWorld-eScan: Gen:Trojan.Heur2.ZGY.5
FireEye: Generic.mg.f5926fefd72a241b
Skyhigh: BehavesLike.Win32.Generic.qm
McAfee: Emotet-FGNI!F5926FEFD72A
Malwarebytes: Malware.AI.1961790083
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 004bc84c1 )
K7GW: Trojan ( 004bc84c1 )
BitDefenderTheta: AI:Packer.254A2CEF15
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Injector.BXUF
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:Emotet-AJ [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Trojan.Heur2.ZGY.5
NANO-Antivirus: Trojan.Win32.VBKrypt.dwxwhe
Tencent: Malware.Win32.Gencirc.10b48cd6
Emsisoft: Gen:Trojan.Heur2.ZGY.5 (B)
F-Secure: Trojan.TR/Dropper.Gen
Zillya: Trojan.Injector.Win32.1829951
Trapmine: malicious.moderate.ml.score
Sophos: Mal/VB-APG
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/VBKrypt.ifag
Varist: W32/VBKrypt.BLE.gen!Eldorado
Avira: TR/Dropper.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.VBKrypt
Kingsoft: malware.kb.a.994
Microsoft: Trojan:Win32/Tinba!pz
Xcitium: TrojWare.Win32.Tinba.FB@7y7cb7
Arcabit: Trojan.Heur2.ZGY.5
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Trojan.Heur2.ZGY.5
Google: Detected
AhnLab-V3: Dropper/Win.VB.R638603
VBA32: TScope.Trojan.VB
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Downloader.Dofoil!8.322 (TFE:3:IcxVQxTqQyV)
Ikarus: Trojan.Win32.Tinba
Fortinet: W32/Injector.CLTY!tr
DeepInstinct: MALICIOUS

How to remove Malware.AI.1961790083?

Malware.AI.1961790083 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
