Malware

Malware.AI.4036191450 malicious file

Malware Removal

Malware.AI.4036191450 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4036191450 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Code injection with CreateRemoteThread in a remote process
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Installs itself for autorun at Windows startup
  • Likely virus infection of existing system binary
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4036191450?

File Info:

name: 1A959448A00CE96C81AF.mlw
path: /opt/CAPEv2/storage/binaries/1492c136d4367b4c8b400dd6bb9b9b1a2726d3e4264377665f84b1ce35696377
crc32: 6402A4D7
md5: 1a959448a00ce96c81af22dfeb96f956
sha1: 71024adb31bc18a957616a367920c1f86f233de9
sha256: 1492c136d4367b4c8b400dd6bb9b9b1a2726d3e4264377665f84b1ce35696377
sha512: 442bd86b134603ab4c8ef0059621f40b6eed99a911ef2c64c473ef3fab727b08247c3169bbf04376e4fcda114d2136accdeadba491b433707e621440a27bad04
ssdeep: 1536:KiiWulVLEUDfRsq5kQm0AG/nmnfdT4cz8GWf3:qtdhj/T/n2fyvX/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1587302F25A854CA1C913237AAB53942236FD323F1BC835C54AB7BC9F31A8AC4F941656
sha3_384: 4ac72b7af49e996ead6a378970f5b2686efb245cbe52bf0e98ca34cc99b1c29574bc72dcce1215e11fdbcd2e8bf0f71d
ep_bytes: 60be005041008dbe00c0feff57eb0b90
timestamp: 1999-11-26 06:49:51

Version Info:

0: [No Data]

Malware.AI.4036191450 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Heur.Mint.SP.Sneaky.1
FireEye: Generic.mg.1a959448a00ce96c
CAT-QuickHeal: Trojan.IGENERICPMF.S3117229
ALYac: Gen:Heur.Mint.SP.Sneaky.1
Cylance: Unsafe
Zillya: Trojan.Bublik.Win32.26822
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
K7GW: Trojan ( 0055e3dd1 )
K7AntiVirus: Trojan ( 0055e3dd1 )
BitDefenderTheta: AI:Packer.A9EE531A1F
VirIT: Trojan.Win32.Zyx.SK
Cyren: W32/Injector.A.gen!Eldorado
Symantec: Trojan.Gen
ESET-NOD32: Win32/Agent.NKU
APEX: Malicious
ClamAV: Win.Packed.Ulpm-9799291-0
Kaspersky: Trojan.Win32.Bublik.elnh
BitDefender: Gen:Heur.Mint.SP.Sneaky.1
NANO-Antivirus: Trojan.Win32.Bot.bdktak
SUPERAntiSpyware: Trojan.Agent/Gen-BackBot
Avast: Win32:Crypt-KOW [Trj]
Sophos: ML/PE-A
DrWeb: BackDoor.IRC.Bot.1979
VIPRE: BehavesLike.Win32.Malware.tsc (mx-v)
McAfee-GW-Edition: BehavesLike.Win32.Wabot.lc
Emsisoft: Gen:Heur.Mint.SP.Sneaky.1 (B)
Ikarus: Backdoor.Win32.IRCBot
Jiangmin: Worm/Generic.aauc
Avira: HEUR/AGEN.1122945
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.1FC963
Kingsoft: Heur.SSC.2709490.1216.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ViRobot: Backdoor.Win32.IRCBot.49152.AG
ZoneAlarm: Trojan.Win32.Bublik.elnh
GData: Gen:Heur.Mint.SP.Sneaky.1
Cynet: Malicious (score: 100)
McAfee: GenericRXAA-AA!1A959448A00C
VBA32: Trojan.Bublik
Malwarebytes: Malware.AI.4036191450
Rising: Malware.Heuristic!ET#100% (RDMK:cmRtazpz/jjLrkRtRe6/0xhRPpvw)
Yandex: Trojan.GenAsa!tGFjxNWzwxk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Crypt-KOW [Trj]
Cybereason: malicious.8a00ce

How to remove Malware.AI.4036191450?

Malware.AI.4036191450 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.