Malware.AI.2535911453 removal guide

Malware.AI.2535911453 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2535911453 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify Malware.AI.2535911453?

File Info:

name: B66041913F15C42BE9DC.mlw
path: /opt/CAPEv2/storage/binaries/2d88626acd2806635aaa1eece2356f8ff0bba67e7d9f621d51fc37e79f6e7b56
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-06-30 19:26:20

Version Info:

Translation: 0x0000 0x04b0
Comments: Windows Fax Viewer
CompanyName: Microsoft Coporation
FileDescription: Windows Fax Viewer
FileVersion: 1.2.0.0
InternalName: UseServe.exe
LegalCopyright: Copyright (c) 1991-2012 WinZip International LLC - All Rights Reserved
LegalTrademarks: WinZip is a registered trademark of WinZip International LLC
OriginalFilename: UseServe.exe
ProductName: Windows Fax Viewer
ProductVersion: 1.2.0.0
Assembly Version: 0.0.0.0

Malware.AI.2535911453 is also known as:

Lionic: Trojan.Win32.Generic.lwWK
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.DNP.Tm0@aynbB@k
FireEye: Generic.mg.b66041913f15c42b
McAfee: GenericRXOH-AY!B66041913F15
Cylance: Unsafe
Zillya: Trojan.Crypt.Win32.8508
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00149d991 )
Alibaba: Worm:Win32/Ainslot.e73827eb
K7GW: Trojan ( 00149d991 )
Cybereason: malicious.13f15c
BitDefenderTheta: AI:Packer.5A0F1A471F
Cyren: W32/Backdoor.MSDB-6002
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Ainslot.AA
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-535137
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Trojan.Heur.DNP.Tm0@aynbB@k
NANO-Antivirus: Trojan.Win32.Agent.dkmwog
Avast: MSIL:Agent-OG [Trj]
Tencent: Win32.Worm.Ainslot.Peyy
TACHYON: Trojan/W32.DN-Agent.738816.B
Emsisoft: Gen:Trojan.Heur.DNP.Tm0@aynbB@k (B)
Comodo: TrojWare.MSIL.Injector.AS@6l6mun
DrWeb: Worm.Siggen.6967
VIPRE: Trojan.MSIL.Sirefef.p (v)
McAfee-GW-Edition: GenericRXOH-AY!B66041913F15
Sophos: Mal/Generic-S + Mal/Generic-L
APEX: Malicious
Jiangmin: Trojan/MSIL.gnhg
Webroot: W32.Malware.Gen
Avira: TR/Dropper.MSIL.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.162E91
Kingsoft: Win32.Troj.Crypt.(kcloud)
Microsoft: Worm:Win32/Ainslot.A
ViRobot: Trojan.Win32.Agent.738816.D
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Trojan.Heur.DNP.Tm0@aynbB@k
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.C69601
VBA32: Trojan.MSIL.Crypt
ALYac: Gen:Trojan.Heur.DNP.Tm0@aynbB@k
MAX: malware (ai score=99)
Malwarebytes: Malware.AI.2535911453
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.4216567.susgen
Fortinet: MSIL/Injector.PEI!tr
AVG: MSIL:Agent-OG [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2535911453?

Malware.AI.2535911453 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
