Malware.AI.3552611220 malicious file

Malware.AI.3552611220 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3552611220 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Korean
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.3552611220?


File Info:

name: BE56395A7778404E4A5A.mlw
path: /opt/CAPEv2/storage/binaries/1424f6cd036ccbfb48d9b289ece808f348eddef1cfbe69af6877caa2464c32a0
crc32: AE8450F5
md5: be56395a7778404e4a5a8d89e2fad7c5
sha1: eed13acf550f738cbb5d5933340dfe0b3ddbf2a4
sha256: 1424f6cd036ccbfb48d9b289ece808f348eddef1cfbe69af6877caa2464c32a0
sha512: 27fef966a714db1254c40d5cfb4cba7640a68a2cd9e9430d8814619517c73b7e7bf178e6363f4a7294485dbcf48f358824808a2072ea07306dcd0a41538058d9
ssdeep: 6144:DNcCNC1ItjiAQzexRb8U68HaMJgMPDK9kM6BEss6pbUq+Ehoxq1L+fd5Uc:Zcq9oAQKxRb8l8HaMKMPWyM0S6e0yc1G
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F07411118A422688F32507719A25FDE04A54AD3EA8C0F54FEDBEFD76A5761C31AB700F
sha3_384: c0559e768bd19c86676cf9d404ea609d592d784ac472d30d1244441551c3885c11805e45f8c2faaf2c7eafa325bf8b3d
ep_bytes: 60be009043008dbe0080fcff57eb0b90
timestamp: 2013-08-17 12:41:29

Version Info:

0: [No Data]

Malware.AI.3552611220 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.lKG1
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Heur.Mint.SP.Urelas.1
FireEye: Generic.mg.be56395a7778404e
CAT-QuickHeal: Trojan.Gupboot.G.mue
Skyhigh: BehavesLike.Win32.Corrupt.fc
McAfee: Artemis!BE56395A7778
Cylance: unsafe
Zillya: Backdoor.Plite.Win32.114245
Sangfor: Trojan.Win32.Save.a
Alibaba: Backdoor:Win32/Urelas.2eb4
K7GW: Backdoor ( 0053e8561 )
K7AntiVirus: Backdoor ( 0053e8561 )
BitDefenderTheta: Gen:NN.ZexaF.36804.vmHfaOTQFbaO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Urelas.S
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0DD124
Paloalto: generic.ml
ClamAV: Win.Malware.Urelas-9655843-0
Kaspersky: Backdoor.Win32.Plite.bhtq
BitDefender: Gen:Heur.Mint.SP.Urelas.1
NANO-Antivirus: Trojan.Win32.Plite.cvbpsw
Avast: MBR:Plite-I [Rtk]
Tencent: Trojan.Win32.Urelas.16000132
Emsisoft: Gen:Heur.Mint.SP.Urelas.1 (B)
Baidu: Win32.Rootkit.Agent.s
F-Secure: Trojan.TR/Spy.Gen2
DrWeb: Trojan.AVKill.32817
VIPRE: Gen:Heur.Mint.SP.Urelas.1
TrendMicro: TROJ_GEN.R002C0DD124
Sophos: Troj/Urelas-Q
Ikarus: Trojan.Win32.Gupboot
Jiangmin: Backdoor.Generic.zjt
Avira: TR/Spy.Gen2
Varist: W32/Urelas.E.gen!Eldorado
Antiy-AVL: Trojan/Win32.Urelas
Kingsoft: Win32.Hack.Plite.bhtq
Microsoft: Trojan:Win32/Urelas!pz
Xcitium: TrojWare.Win32.Urelas.A@513q61
Arcabit: Trojan.Mint.SP.Urelas.1
ZoneAlarm: Backdoor.Win32.Plite.bhtq
GData: Win32.Trojan.PSE.110RWKI
Cynet: Malicious (score: 100)
AhnLab-V3: Backdoor/Win.Plite.R643092
VBA32: Backdoor.Plite
Malwarebytes: Malware.AI.3552611220
Panda: Generic Suspicious
Rising: Backdoor.Plite!8.2D6 (TFE:5:K9vvU5yHSKP)
Yandex: Trojan.GenAsa!T9bs+ffsnlE
MAX: malware (ai score=80)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Urelas.O!tr
AVG: MBR:Plite-I [Rtk]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Urelas

How to remove Malware.AI.3552611220?

Malware.AI.3552611220 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.