Malware.AI.397415897 information

Malware Removal

Malware.AI.397415897 is the Malwarebytes detection name for this sample, which most of the other engines listed below also flag as malicious. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

What can Malware.AI.397415897 do?

Behaviours flagged by the CAPE sandbox when this sample was detonated (the signature names are CAPE's):

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.397415897?

File Info:

name: BE1879F818227C0A3E30.mlw
path: /opt/CAPEv2/storage/binaries/464bceb6704434269e4e5da513344b4fb7575da12b72d3f2a672e88d573b4938
crc32: DEDEF295
md5: be1879f818227c0a3e30eecddc5f1776
sha1: f30d7c2f61e1aa3cab0ed9621aa4d24ba8d2d53a
sha256: 464bceb6704434269e4e5da513344b4fb7575da12b72d3f2a672e88d573b4938
sha512: 7f9a09cc0d0ddfb791022ec0ec91d9e634326cbec0a5a46472c9c90f7bd254437a652ef63db4f2f3222517e226e7083a7f6293ef4a17fa94659587ed7e40d9c7
ssdeep: 12288:Jy7se9WkWTRW8fdegBNiuHylnPwX0m5MF+p0WLPJ5R7Z:w7saWnTRW8fde00aZBpLzL
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1B4C4E181BB4685F2ED6511325AAAB31DC4FE70724F228AD3E3D8AF1D9D304D29D31B85
sha3_384: a42da2328c2f354197eb241f1ba7e2d1c2d7afaee9d7e347380dc8f82a77c35666cd660d3a7e360772d9f847db50e65b
ep_bytes: e8f9b0ffffe991feffffccff25f0a343
timestamp: 2016-10-29 00:12:01
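The identifiers above are what CAPE computed for the sample; to check a suspect file on disk against them you recompute the same values yourself. The script below is an added example (not code from GridinSoft, CAPE or any vendor listed on this page) using only the Python standard library. The hash and ep_bytes values are copied from the File Info section; build_demo_pe() constructs a tiny stand-in PE so the script runs offline, and that stand-in is an assumption of the example, not the real sample.

```python
"""Recompute the File Info identifiers above and compare them with a file on disk.

Added example, not code from GridinSoft, CAPE or any vendor listed on this page.
Standard library only. The IOC values are copied from the File Info section;
build_demo_pe() constructs a tiny stand-in PE so the script runs offline.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info section of this page.
IOCS = {
    "crc32": "DEDEF295",
    "md5": "be1879f818227c0a3e30eecddc5f1776",
    "sha1": "f30d7c2f61e1aa3cab0ed9621aa4d24ba8d2d53a",
    "sha256": "464bceb6704434269e4e5da513344b4fb7575da12b72d3f2a672e88d573b4938",
    "ep_bytes": "e8f9b0ffffe991feffffccff25f0a343",
}


def file_hashes(data: bytes) -> dict:
    """Digests in the form CAPE prints them: crc32 as 8 upper-case hex digits, the rest lower-case hex."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def _pe_offset(data: bytes) -> int:
    """Offset of the PE signature, after validating the DOS header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    return pe


def pe_timestamp(data: bytes) -> str:
    """COFF TimeDateStamp rendered the way the 'timestamp' field above is (UTC)."""
    ts = struct.unpack_from("<I", data, _pe_offset(data) + 8)[0]
    return datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S")


def pe_entry_bytes(data: bytes, n: int = 16) -> str:
    """Hex of the first n bytes at AddressOfEntryPoint (CAPE's 'ep_bytes').

    Reads the entry RVA from the optional header, then maps it to a file
    offset through the section table, because an RVA is not a file offset.
    """
    coff = _pe_offset(data) + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]  # same offset for PE32 and PE32+
    sections = opt + opt_size
    for i in range(num_sections):
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sections + 40 * i + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)
            return data[off:off + n].hex()
    raise ValueError("entry point RVA is outside every section")


def match_iocs(data: bytes) -> dict:
    """True/False per indicator; non-PE input simply fails the ep_bytes check."""
    found = file_hashes(data)
    try:
        found["ep_bytes"] = pe_entry_bytes(data)
    except ValueError:
        found["ep_bytes"] = ""
    return {k: found[k].lower() == v.lower() for k, v in IOCS.items()}


def build_demo_pe(ep_bytes: bytes, timestamp: int) -> bytes:
    """Constructed stand-in (not the sample, not executable): a minimal PE32 layout
    with one .text section whose first bytes are ep_bytes."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)  # AddressOfEntryPoint (RVA)
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    header = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sect).ljust(0x200, b"\0")
    return header + ep_bytes.ljust(0x200, b"\0")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        blob = open(sys.argv[1], "rb").read()
    else:  # no path given: run against the constructed stand-in
        blob = build_demo_pe(bytes.fromhex(IOCS["ep_bytes"]), 1477699921)
    print("timestamp:", pe_timestamp(blob))
    for name, hit in match_iocs(blob).items():
        print(f"{name:8s} {'MATCH' if hit else 'no match'}")
```

A matching md5/sha1/sha256 identifies this exact file; a repacked or re-patched variant will miss all of them while possibly still matching ep_bytes. The ssdeep and tlsh values above exist for that near-match case and need the ssdeep and py-tlsh packages, which this stand-library-only script leaves out.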

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: LogTransport Application
FileVersion: 7.1.1.3403
InternalName: LogTransport2
LegalCopyright: Copyright 2008-15 Adobe Systems Incorporated. All rights reserved.
OriginalFilename: LogTransport2.exe
PrivateBuild: 7.1.1.3403
ProductName: LogTransport Application
ProductVersion: 7.1.1.3403
Translation: 0x0409 0x04b0

The version resource identifies the file as Adobe's LogTransport2.exe, but the sandbox reports its Authenticode signature as invalid, and most of the engines below classify it as Win32/Patched, i.e. a legitimately named binary that has been modified to carry injected code. Malware.AI.397415897 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Virus.Win32.Senoval.n!c
Elastic: malicious (high confidence)
DrWeb: Win32.Beetle.2
MicroWorld-eScan: Gen:Variant.Zusy.486769
Skyhigh: BehavesLike.Win32.Dropper.hc
McAfee: RDN/Generic.hra
Malwarebytes: Malware.AI.397415897
Zillya: Trojan.Patched.Win32.157039
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
Alibaba: Virus:Win32/Senoval.9ca4f5f3
K7GW: Trojan ( 005ab4bf1 )
Arcabit: Trojan.Zusy.D76D71
BitDefenderTheta: Gen:NN.ZexaF.36792.Ku0@aa9RFbhi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Patched.NKM
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Zusy.486769
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Patched-AWW [Trj]
Tencent: Trojan.Win32.Pathced_ya.16001052
Emsisoft: Gen:Variant.Zusy.486769 (B)
F-Secure: Trojan.TR/Patched.Gen
VIPRE: Gen:Variant.Zusy.486769
TrendMicro: TROJ_GEN.R002C0DJL23
Trapmine: malicious.high.ml.score
FireEye: Gen:Variant.Zusy.486769
Sophos: W32/Patched-CE
Varist: W32/S-8f542844!Eldorado
Avira: TR/Patched.Gen
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Win32.Patched
Microsoft: Trojan:Win32/Convagent.AJ!MTB
ZoneAlarm: Virus.Win32.Senoval.a
GData: Win32.Trojan.PSE.12AP69G
Google: Detected
AhnLab-V3: Malware/Win.Generic.R603646
VBA32: BScope.Trojan.Meterpreter
ALYac: Gen:Variant.Zusy.486769
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DJL23
Rising: Trojan.Generic@AI.100 (RDML:zJ3IaiKjb2SkTPsrvlJ88Q)
Ikarus: Trojan.Win32.Patched
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWW [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.397415897?

Malware.AI.397415897 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”; this also reverts the proxy settings the sample attempts to modify.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.