About “Malware.AI.4040948473” infection

Malware.AI.4040948473 is classified as dangerous by many security vendors. When this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually can take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4040948473 virus do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Binary compilation timestomping detected

Related domains:

wpad.local-net

How to identify Malware.AI.4040948473?

File Info:

name: E75FE9B145D4AC3F9876.mlw
path: /opt/CAPEv2/storage/binaries/3dd98f72c22dcf7ccdb7b3a3f15e43a80a8f9269eb08e9de5a54c82f11657976
crc32: 948EA40C
md5: e75fe9b145d4ac3f9876b910971d90e7
sha1: bec4017afba3873df0a20c0b901c6d8056617ab1
sha256: 3dd98f72c22dcf7ccdb7b3a3f15e43a80a8f9269eb08e9de5a54c82f11657976
sha512: 6f1eeec4560ea3bde3dbc6e66cfee224839b3cb167c81a1d7d89a16dba9e2b964d687b2a6b6719ea0024da130704cf4a2530954b0e7a27750c33df3b7a9bfcd3
ssdeep: 3072:zsHKHJnUNcplOhMdWZhEVJaSHlmx/YDWDK88g888AhdrZMs25TAkqXeQTbC3PTWu:zsHKHJnUNcplOhMdWZhEVJaSHlmx/YDj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D1F3F1A8D77CBCD7F40AD0F99E73E5A5862AEA5950240F1A3C2A313315B235338A5D1F
sha3_384: bf12b8aa6ef196dd37cf74a5f61232e0cd521d869adf1b3be636c3b1abf42f81d81102015f4961685a98478f092fea18
ep_bytes: ff250020400000000000000000000000
timestamp: 2090-08-01 22:41:49

Version Info:

Comments: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ
CompanyName: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ Inc.
FileDescription: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ
FileVersion: 8.609.297.561
LegalCopyright: All Rights Reserved
InternalName: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ.exe
LegalTrademarks: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ
OriginalFilename: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ.exe
ProductName: ꨛꧯꨮꨙꨗꧬꧩ꧿ꧮꨛꧺꨢꧦꨙꨙꨉꧯꨎꧫꨘꧯꨗꧨꨘꧪꧪꧦꧬꧭꧯꨟꨝꧨ
ProductVersion: 8.609.297.561
Assembly Version: 8.609.297.561
Translation: 0x0000 0x0514

Malware.AI.4040948473 also known as:

Lionic: Trojan.Win32.Heracles.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ser.MSILHeracles.45
FireEye: Gen:Variant.Ser.MSILHeracles.45
ALYac: Gen:Variant.Ser.MSILHeracles.45
Malwarebytes: Malware.AI.4040948473
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: TrojanDownloader:MSIL/Foold.3dc9c9fb
K7GW: Trojan-Downloader ( 0057eb6a1 )
K7AntiVirus: Trojan-Downloader ( 0057eb6a1 )
BitDefenderTheta: Gen:NN.ZemsilCO.34294.km1@a8tA0Ihi
Cyren: W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.IFG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Downloader.MSIL.Foold.gen
BitDefender: Gen:Variant.Ser.MSILHeracles.45
Avast: Win32:DangerousSig [Trj]
Tencent: Msil.Trojan-downloader.Agent.Ajvj
Ad-Aware: Gen:Variant.Ser.MSILHeracles.45
DrWeb: Trojan.Siggen15.50644
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Gen:Variant.Ser.MSILHeracles.45 (B)
Ikarus: Trojan-Downloader.MSIL.Agent
GData: Gen:Variant.Ser.MSILHeracles.45
Avira: HEUR/AGEN.1143749
MAX: malware (ai score=83)
Gridinsoft: Ransom.Win32.Wacatac.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.AgentTesla.R429361
McAfee: Artemis!E75FE9B145D4
TrendMicro-HouseCall: TROJ_GEN.R002H0CKN21
Yandex: Trojan.DL.Agent!98kFwuxtvpU
SentinelOne: Static AI – Suspicious PE
Fortinet: MSIL/Agent.IFG!tr.dldr
AVG: Win32:DangerousSig [Trj]
Panda: Trj/GdSda.A

How to remove Malware.AI.4040948473?

Malware.AI.4040948473 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.