
About “Malware.AI.2731974591” infection


Malware.AI.2731974591 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2731974591 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2731974591?

File Info:

name: 0D115AC069E101B640E3.mlw
path: /opt/CAPEv2/storage/binaries/445c5a4f799f73043e1c71cf48c852c370b6da9aa67205775ea0251f22ce6bac
crc32: F4AAAF66
md5: 0d115ac069e101b640e35ada2dc22ab9
sha1: a823eac8260970f48695d6c72a707e06c7fa9666
sha256: 445c5a4f799f73043e1c71cf48c852c370b6da9aa67205775ea0251f22ce6bac
sha512: 467de44254b6ce2b89f584448cdf6259c9caa64b60fb537b1336dd4dbadc261c8309f02d2a122cf9af2c2978e14102679fc417b09c2a88d53820409be72a7c09
ssdeep: 1536:JHU3Mi853O2yB66wVTnTL2sEkxP8ZSa6THmKDHPqo:J03H7B6fpT/JhTHXDHP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T107B3C5C66C8E0DD5E409CA382DA571306535E819B7D3C2EFA7F4ED19D829BC1A6BB304
sha3_384: ead277bcffb616220788900c16cd03584eae2e71a2a9510d43e88d3e8d872d20dd63c664d3586a6c1b72bb8f0b8a9e45
ep_bytes: 558bec6aff68987a400068ac66400064
timestamp: 2023-05-04 05:45:13

Version Info:

Comments: 轻轻松松抓图标,帮您轻松抓取各种资源文件中的图标,并可保存为图标和位图等格式。
CompanyName: 未来工作室(Future Studio)
FileDescription: 轻轻松松抓图标,帮您轻松抓取和保存各种资源文件中的图标。
FileVersion: 1, 0, 0, 0
InternalName: 轻轻松松抓图标
LegalCopyright: 版权所有(C) 2001 未来工作室
LegalTrademarks: 免费软件,谢谢使用!
OriginalFilename: IconSnap.EXE
PrivateBuild: 作者:徐景周
ProductName: 轻轻松松抓图标
ProductVersion: 1, 0, 0, 0
SpecialBuild: 作者:徐景周
Translation: 0x0804 0x04b0

Malware.AI.2731974591 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Lotok.4!c
MicroWorld-eScan: Gen:Variant.Graftor.860945
FireEye: Generic.mg.0d115ac069e101b6
ALYac: Gen:Variant.Graftor.860945
Malwarebytes: Malware.AI.2731974591
Zillya: Backdoor.Lotok.Win32.2504
Sangfor: Backdoor.Win32.Sabsik.V72v
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Sabsik.634fca37
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZexaF.36250.gq0@a4OzF8hb
Cyren: W32/ABRisk.EYCP-0639
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
ClamAV: Win.Malware.Gh0stRAT-7459730-1
Kaspersky: HEUR:Backdoor.Win32.Lotok.gen
BitDefender: Gen:Variant.Graftor.860945
Avast: Win32:RATX-gen [Trj]
Tencent: Malware.Win32.Gencirc.119c9ad0
Emsisoft: Gen:Variant.Graftor.860945 (B)
F-Secure: Heuristic.HEUR/AGEN.1346578
DrWeb: BackDoor.Siggen2.3666
VIPRE: Gen:Variant.Graftor.860945
TrendMicro: TROJ_GEN.R002C0DE523
McAfee-GW-Edition: GenericRXRH-AW!0D115AC069E1
Sophos: Mal/Generic-S
GData: Gen:Variant.Graftor.860945
Google: Detected
Avira: HEUR/AGEN.1346578
Antiy-AVL: Trojan[Backdoor]/Win32.Lotok
Arcabit: Trojan.Graftor.DD2311
ZoneAlarm: HEUR:Backdoor.Win32.Lotok.gen
Microsoft: Trojan:Win32/Sabsik.MTR!MTB
Cynet: Malicious (score: 99)
McAfee: GenericRXRH-AW!0D115AC069E1
MAX: malware (ai score=82)
VBA32: TScope.Malware-Cryptor.SB
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DE523
Rising: Trojan.Kryptik!1.CC61 (CLASSIC)
Ikarus: Trojan.Win32.Farfli
MaxSecure: Trojan.Malware.102820574.susgen
Fortinet: W32/Kryptik.HFPG!tr
AVG: Win32:RATX-gen [Trj]
Cybereason: malicious.069e10
DeepInstinct: MALICIOUS

How to remove Malware.AI.2731974591?

Malware.AI.2731974591 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.