Malware.AI.1979141192 (file analysis)

Malware Removal

Malware.AI.1979141192 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1979141192 virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Malware.AI.1979141192?

File Info:

name: 055798FDB6657E125746.mlw
path: /opt/CAPEv2/storage/binaries/423a9e656c7db7fb7f63d88a43634ca4be3c3ae4f9423fcfaac7b1e6427238d5
crc32: 80AE0ECA
md5: 055798fdb6657e125746b62fd29e3dfd
sha1: 71581bae034d7b3dcdc714cb444e18fe0e8ed880
sha256: 423a9e656c7db7fb7f63d88a43634ca4be3c3ae4f9423fcfaac7b1e6427238d5
sha512: fc6e6f29b2f886a3d6a82bf5a81e57673f4d415901957ee83c878fd1fdc49494973dd3a5261175c117bc30c7b9dfa529abe1ea0e3b50ec8f952925c8877885d9
ssdeep: 768:cZ6JDwRZfhXILHIPPY5mm4J2Pw2DXMWNPemR:cs65amp2TMWjR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6C32CD4D591AE3AC3A759BA9074EE4560313CD0F71684AFB87B72C0FE726C2396092D
sha3_384: fef6c9cfd3bc863574b4e2ec92aa57172e61e67951d5ba470abc233caaa5afceb58a2cb3b587ba60bcb9a538275c2232
ep_bytes: 558bec81ec3808000053565733f656ff
timestamp: 2013-11-25 13:59:22

Version Info:

0: [No Data]

Malware.AI.1979141192 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
DrWeb: Trojan.DownLoad3.28161
MicroWorld-eScan: Trojan.Ppatre.Gen.1
FireEye: Generic.mg.055798fdb6657e12
CAT-QuickHeal: TrojanDownlder.Upatre.MUE.A5
ALYac: Trojan.Ppatre.Gen.1
Malwarebytes: Malware.AI.1979141192
VIPRE: Trojan.Ppatre.Gen.1
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0055f33b1 )
K7GW: Trojan-Downloader ( 0055f33b1 )
Cybereason: malicious.db6657
BitDefenderTheta: Gen:NN.ZexaF.36196.huZ@aCNrgVii
VirIT: Trojan.Win32.DownLoad3.BPRD
Cyren: W32/S-94becf64!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.Small.AAB
APEX: Malicious
ClamAV: Win.Dropper.Upatre-7613449-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ppatre.Gen.1
NANO-Antivirus: Trojan.Win32.DownLoad3.cqypar
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Avast: Win32:Waski-A [Trj]
Tencent: Trojan-Downloader.Win32.Small.haa
Emsisoft: Trojan.Ppatre.Gen.1 (B)
F-Secure: Trojan.TR/Dropper.Gen
Baidu: Win32.Trojan-Downloader.Small.ck
Zillya: Downloader.SmallGen.Win32.2
McAfee-GW-Edition: BehavesLike.Win32.Generic.ct
Trapmine: malicious.moderate.ml.score
Sophos: Troj/Upatre-YW
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan-Downloader.Upatre.BJ
Jiangmin: Trojan/Generic.azrvz
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Win32.Waski.a
Xcitium: TrojWare.Win32.TrojanDownloader.Upatre.A@52i1eo
Arcabit: Trojan.Ppatre.Gen.1
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Upatre.MF!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Dloader.R87521
McAfee: GenericRXUB-BS!055798FDB665
MAX: malware (ai score=80)
VBA32: Trojan.Download
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Downloader.Agent!1.C06E (CLASSIC)
Yandex: Trojan.Agent!MZCBME/yv1M
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Waski.A!tr
AVG: Win32:Waski-A [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Malware.AI.1979141192?

Malware.AI.1979141192 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.