Malware.AI.2213129483 (file analysis)

Malware Removal

Malware.AI.2213129483 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advisable to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2213129483 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.2213129483?

File Info:

name: 830D671DE54168E737B6.mlw
path: /opt/CAPEv2/storage/binaries/9949f52c6723b18e8f4cad73c2fd0b1dfa75a3d1fd035868cbbddc855612da3c
crc32: 44872F06
md5: 830d671de54168e737b6e880d9266dea
sha1: 7b9a2e15cc4dd71612d00d409e8f0835b3897e0b
sha256: 9949f52c6723b18e8f4cad73c2fd0b1dfa75a3d1fd035868cbbddc855612da3c
sha512: faf39aaf57fabe5318aefde940959514e7bc61468c774187d1c8fb9073cdb8448ca1d76e52e84466b5132828444f4e0d88099247c2ae2ea37b047fe274050415
ssdeep: 12288:u6Wq4aaE6KwyF5L0Y2D1PqLQ+dECxoFg4orT1jD9XtDmxithn8mbiZ0URuRN2FQV:0thEVaPqL9ECxjf9jrmxe81RuR0HaX5L
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D71523AA6C49C634E83C9372F39173123CD29EB5B1A49D97816C3D4F304E294FD1AB5A
sha3_384: e741ddd937950ce0883d4d6d1041b3523869a4e1277a7f2ab038437b5d84b4c2397eecec3704f84f35a3c27e551e571d
ep_bytes: 60be009048008dbe0080f7ff57eb0b90
timestamp: 2012-01-29 21:32:28

Version Info:

FileDescription:
FileVersion: 3, 3, 8, 1
CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
Translation: 0x0809 0x04b0

Malware.AI.2213129483 also known as:

Bkav: W32.Common.6B08F81E
Lionic: Trojan.Win32.Autoit.4!c
Elastic: malicious (moderate confidence)
Skyhigh: BehavesLike.Win32.BadFile.cc
Malwarebytes: Malware.AI.2213129483
VirIT: Trojan.Win32.DownLoader7.EKV
APEX: Malicious
McAfee: Artemis!830D671DE541
Sophos: Mal/Generic-S
DrWeb: Trojan.DownLoader7.2985
TrendMicro: Trojan.Win32.AUTOIT.USBLCB24
Trapmine: malicious.moderate.ml.score
Ikarus: Trojan.Autoit
Google: Detected
Kingsoft: Win32.Troj.Generic.a
Microsoft: Program:Win32/Wacapew.C!ml
VBA32: Trojan.Downloader
Cylance: unsafe
TrendMicro-HouseCall: Trojan.Win32.AUTOIT.USBLCB24
Rising: Trojan.StartPage/Autoit!1.D84C (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Malware.AI.2213129483?

Malware.AI.2213129483 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.