
What is “Malware.AI.2209340546”?


Malware.AI.2209340546 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2209340546 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard page use detected (possible anti-debugging)
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Malware.AI.2209340546?


File Info:

name: 07D914A0B27D1345E325.mlw
path: /opt/CAPEv2/storage/binaries/a27507861a8c63a84731cd753b91093621894b703104cde5f5a0fcbbe33aa4d1
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2088-04-03 15:50:22

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Block9Yin
FileVersion: 1.0.0.0
InternalName: Block9Yin.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Block9Yin.exe
ProductName: Block9Yin
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.2209340546 also known as:

Lionic: Trojan.Win32.Bulz.4!c
MicroWorld-eScan: Gen:Variant.MSILHeracles.26516
FireEye: Generic.mg.07d914a0b27d1345
McAfee: RDN/Generic.cf
Sangfor: Suspicious.Win32.Bulz.625483
Alibaba: Trojan:MSIL/Bladabindi.d011fdfe
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.MSILHeracles.26516
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.MSILHeracles.26516
Emsisoft: Gen:Variant.MSILHeracles.26516 (B)
McAfee-GW-Edition: RDN/Generic.cf
Ikarus: Trojan.MSIL.Bladabindi
GData: Gen:Variant.MSILHeracles.26516
Microsoft: Trojan:Win32/Wacatac.B!ml
BitDefenderTheta: Gen:NN.ZemsilF.34084.tm0@a0cPtAf
ALYac: Gen:Variant.MSILHeracles.26516
MAX: malware (ai score=87)
Malwarebytes: Malware.AI.2209340546
TrendMicro-HouseCall: TROJ_GEN.R04CH09HK21
SentinelOne: Static AI – Suspicious PE
Fortinet: PossibleThreat
AVG: Win32:Malware-gen

How to remove Malware.AI.2209340546?

Malware.AI.2209340546 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
