How to remove “Malware.AI.261378231”?

Malware.AI.261378231 is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.261378231 virus do?

  • Sample contains overlay data
  • HTTPS URLs observed in behavior
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics

How to identify Malware.AI.261378231?

File Info:

name: 26A21F5DC439E5B1517A.mlw
path: /opt/CAPEv2/storage/binaries/4f31329462dd89ee4818cf52f39b24efc21daa65c28e5fff111848fc1344b2eb
crc32: DEB3F707
md5: 26a21f5dc439e5b1517a5714afd4694c
sha1: 9eac98e29e3bc4bc9db35d86fc5a578bea82df78
sha256: 4f31329462dd89ee4818cf52f39b24efc21daa65c28e5fff111848fc1344b2eb
sha512: dd575b3f1eae862fd6ad4fa59ebcf4d0a8106ee4a6bfdb3eeacb51cde2ef0e5b2cf9c35a291946658aa602ce3e0dcf41b8774c6aef25d28be01f499b74fff642
ssdeep: 3072:abXwTRetxfSp6TedEh03HzCz3EsT7n+x:ab+Fp6Ted603HzCzEs
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T192E3AD4725A2D33AD485C8B0E39601C15F3B5DEB36E2947BEB543558DEB23B81F23A60
sha3_384: c736be72c94622b1a4902302e4d0b5bdac651df1336bfe4be96ac62f1c15d1f80666f2f7fc5a9ee29f7dada7c568c933
ep_bytes: e8b8170000e917feffff558bec81ec28
timestamp: 2012-11-27 07:51:38

Version Info:

FileDescription: LKuds cl ssd
FileVersion: 0, 1, 2, 0
InternalName: SSD
LegalCopyright: United States
OriginalFilename: System
ProductName: Windows base
ProductVersion: 0, 0, 0, 0
Translation: 0x0409 0x04b0

Malware.AI.261378231 also known as:

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Generic.4!c
  • MicroWorld-eScan: Gen:Variant.Jaik.52817
  • CAT-QuickHeal: Trojan.VundoCS.S27090931
  • Skyhigh: BehavesLike.Win32.Vundo.ch
  • ALYac: Gen:Variant.Jaik.52817
  • Malwarebytes: Malware.AI.261378231
  • VIPRE: Gen:Variant.Jaik.52817
  • Sangfor: Trojan.Win32.Save.a
  • K7AntiVirus: Riskware ( 0040eff71 )
  • BitDefender: Gen:Variant.Jaik.52817
  • K7GW: Riskware ( 0040eff71 )
  • Cybereason: malicious.29e3bc
  • BitDefenderTheta: Gen:NN.ZexaF.36792.iu2@audO9ici
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Injector.AACA
  • APEX: Malicious
  • ClamAV: Win.Trojan.Agent-723730
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • Alibaba: Trojan:Win32/Injector.72937411
  • NANO-Antivirus: Trojan.Win32.Butirat.bfqymf
  • ViRobot: Trojan.Win32.A.Blocker.131072.G
  • Rising: Trojan.Injector!8.C4 (TFE:1:jJl3d0qwpAG)
  • Sophos: Mal/Generic-R
  • F-Secure: Trojan.TR/Dropper.Gen
  • DrWeb: BackDoor.Butirat.233
  • Zillya: Trojan.Bicololo.Win32.33
  • TrendMicro: TROJ_GEN.R002C0DJ223
  • Trapmine: malicious.high.ml.score
  • FireEye: Generic.mg.26a21f5dc439e5b1
  • Emsisoft: Gen:Variant.Jaik.52817 (B)
  • Ikarus: Virus.Win32.Vundo
  • Jiangmin: Trojan/Jorik.gegn
  • Google: Detected
  • Avira: TR/Dropper.Gen
  • Varist: W32/Zbot.EW.gen!Eldorado
  • Antiy-AVL: Trojan[Ransom]/Win32.Blocker
  • Kingsoft: malware.kb.a.985
  • Microsoft: Trojan:Win32/Vundo
  • Xcitium: TrojWare.Win32.Injector.pqb@4sacre
  • Arcabit: Trojan.Jaik.DCE51
  • SUPERAntiSpyware: Trojan.Agent/Generic
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • GData: Gen:Variant.Jaik.52817
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win32.Blocker.R50980
  • VBA32: Malware-Cryptor.2LA.gen
  • MAX: malware (ai score=84)
  • DeepInstinct: MALICIOUS
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: TROJ_GEN.R002C0DJ223
  • Tencent: Trojan.Win32.Injector.wa
  • Yandex: Trojan.GenAsa!86fG0ukoIoI
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: W32/SpyVoltar.AJ!tr
  • AVG: Win32:Buterat-UD [Trj]
  • Avast: Win32:Buterat-UD [Trj]
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.261378231?

Malware.AI.261378231 removal tool:

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.