Malware.AI.4004118398 removal tips

Malware.AI.4004118398 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4004118398 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Attempts to connect to a dead IP:Port (119 unique times)
  • Dynamic (imported) function loading detected
  • Expresses interest in specific running processes
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4004118398?

File Info:

name: EA939AD3ED40A8F4C8C5.mlw
path: /opt/CAPEv2/storage/binaries/5526f96cce4e20a313e318655e1aa514bb233636c6e4a8e6cab6b2ee32bb48a3
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-01-19 11:59:56

Version Info:

0: [No Data]

Malware.AI.4004118398 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.57722
FireEye: Generic.mg.ea939ad3ed40a8f4
McAfee: Artemis!EA939AD3ED40
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.2658372
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005715eb1 )
K7GW: Trojan ( 005715eb1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Agent.ULF
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Eb.dbi
BitDefender: Gen:Variant.Fragtor.57722
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Eb.Amlv
Ad-Aware: Gen:Variant.Fragtor.57722
Emsisoft: Gen:Variant.Fragtor.57722 (B)
DrWeb: Trojan.PWS.Spy.21553
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Avira: TR/ATRAPS.Gen
Antiy-AVL: Trojan/Win32.EB
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Gridinsoft: Ransom.Win32.Sabsik.sa
ViRobot: Trojan.Win32.Z.Agent.110592.NKN
GData: Gen:Variant.Fragtor.57722
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.Reputation.C4348158
BitDefenderTheta: AI:Packer.9EDA912A1F
ALYac: Gen:Variant.Fragtor.57722
MAX: malware (ai score=82)
VBA32: BScope.Trojan.Eb
Malwarebytes: Malware.AI.4004118398
TrendMicro-HouseCall: TROJ_GEN.R06CH0CAO22
Rising: Trojan.Agent!8.B1E (CLOUD)
Yandex: Trojan.Agent!VFIUTZ/J9ws
Ikarus: Trojan.Win32.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.ULF!tr
Webroot: W32.Trojan.Gen
AVG: Win32:Trojan-gen
Cybereason: malicious.3ed40a
Panda: Trj/GdSda.A

How to remove Malware.AI.4004118398?

Malware.AI.4004118398 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.