About “Malware.AI.1992004685” infection

Malware.AI.1992004685 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1992004685 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.1992004685?


File Info:

name: 1DC03178AED46FD8CEBF.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-07-23 13:12:38

Version Info:

0: [No Data]

Malware.AI.1992004685 also known as:

Lionic: Trojan.Win32.Kpot.i!c
DrWeb: Trojan.PWS.Stealer.27422
MicroWorld-eScan: Gen:Variant.Graftor.773991
FireEye: Generic.mg.1dc03178aed46fd8
ALYac: Gen:Variant.Graftor.773991
Malwarebytes: Malware.AI.1992004685
VIPRE: Gen:Variant.Graftor.773991
Sangfor: Trojan.Win32.Agent.PTL
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanPSW:Win32/Generic.136cb8b1
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.8aed46
BitDefenderTheta: Gen:NN.ZexaF.36196.hmZ@a0hTQFh
Cyren: W32/Agent.BQR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Spy.Agent.PTL
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.KpotStealer-9322564-1
Kaspersky: Trojan-Ransom.Win32.Hermez.ck
BitDefender: Gen:Variant.Graftor.773991
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.FalseSign.Cflw
Emsisoft: Gen:Variant.Graftor.773991 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
Zillya: Trojan.Agent.Win32.1126464
McAfee-GW-Edition: GenericRXIK-IM!1DC03178AED4
Sophos: Mal/Agent-AUF
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Graftor.773991
Jiangmin: Trojan.Hermez.ab
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.Wacatac
Arcabit: Trojan.Graftor.DBCF67
ZoneAlarm: Trojan-Ransom.Win32.Hermez.ck
Microsoft: Trojan:Win32/Yakes.RL!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Generic.C3344820
McAfee: GenericRXIK-IM!1DC03178AED4
MAX: malware (ai score=80)
VBA32: suspected of Trojan.Downloader.gen
Cylance: unsafe
Panda: Trj/CI.A
Rising: Stealer.KPOT!1.BA3E (CLASSIC)
Yandex: TrojanSpy.Stealer!A6WLUxWTcE0
Ikarus: Trojan-Spy.Agent
MaxSecure: Trojan.Malware.74499960.susgen
Fortinet: W32/Agent.AUF!tr.spy
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.1992004685?

Malware.AI.1992004685 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
