Malware.AI.4055594219 removal instruction

Malware.AI.4055594219 is the Malwarebytes detection name for a file that a large number of other antivirus engines also flag as malicious (see the vendor list below). While the infection is active you may notice unknown processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; it lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4055594219 virus do?

The behaviours below are the signatures that the CAPE sandbox raised when the sample was executed:

  • Behavioural detection: executable code extraction (unpacking)
  • YARA rule detections observed from a process memory dump, dropped files or CAPE output
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check: exits too soon after checking the local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

Read the two signature findings together: the file carries an Authenticode signature block, but that signature does not verify. Combined with the unpacking, the RWX memory and the run-time import resolution, this is the profile of a packed trojan presenting a borrowed identity, not a legitimately signed Microsoft binary.

How to identify Malware.AI.4055594219?

File Info (from the CAPE sandbox analysis):

name: 8F5DCBF4ABB639D71021.mlw
path: /opt/CAPEv2/storage/binaries/f0cfa68881b9876e659caec1f7420d5d7ca511b974d550a1fa4d37beb7de16c1
crc32: 5EFCC4EF
md5: 8f5dcbf4abb639d710217b2b86471d98
sha1: 93a64236c3d9df6041010318ec5f164854c534a3
sha256: f0cfa68881b9876e659caec1f7420d5d7ca511b974d550a1fa4d37beb7de16c1
sha512: 5ce86479405d74177f65688ff78e5dac9702650d4e92f94fed40ed15414de24425397a194232a62344416475c47abecd72628f517425b24ec290ffdb28a78c60
ssdeep: 6144:AucTLnzQPSqzXXiydn3nozW5TFYkI4uLZMGLv+xxxxxxxxxxxxxxxxngxxxxxxxR:AHTLzQPRHfdn34y3IbnLGxxxxxxxxxxo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E784E005FAD44DA3E4B6D239F936734647793A042861933F62C59E0CFC9A5B0EC7A70A
sha3_384: 105c6ff8fa1130c59da9340982511ee2a40f9d6f48616d6fa61453c0fe9f715e3ebf85c246ca57bd6b4d5358da7f511a
ep_bytes: 558bec81eccc000000535657892d64bc
timestamp: 2012-05-03 14:40:24

Version Info (strings from the PE version resource; they are written by whoever builds the file, and because the Authenticode signature does not verify they do not establish Microsoft origin):

CompanyName: Microsoft Corporation
FileDescription: Solitaire Game Applet
FileVersion: 5.00.2138.1
InternalName: sol.exe
LegalCopyright: Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename: sol.exe
ProductName: Microsoft(R) Windows (R) 2000 Operating System
ProductVersion: 5.00.2138.1
Translation: 0x0409 0x04b0
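As an added example (it is not part of the original page and not GridinSoft's tooling), the Python script below reproduces the hash and PE-header fields from the File Info block for a file on disk and compares its digests against the page's IOC hashes. It parses the COFF and optional headers by hand rather than with pefile; ssdeep, tlsh and sha3 are left out because they need third-party libraries. The embedded PE image is constructed for offline testing, with the page's ep_bytes and build timestamp placed into it, and is not the malware sample.

```python
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# IOC hashes copied from the page's File Info block; a file matching any of them is the sample itself.
PAGE_IOCS = {
    "md5": "8f5dcbf4abb639d710217b2b86471d98",
    "sha1": "93a64236c3d9df6041010318ec5f164854c534a3",
    "sha256": "f0cfa68881b9876e659caec1f7420d5d7ca511b974d550a1fa4d37beb7de16c1",
}
MACHINE = {0x14C: "Intel 80386", 0x8664: "x86-64", 0x1C0: "ARM", 0xAA64: "ARM64"}
SUBSYSTEM = {2: "GUI", 3: "console"}


def hashes(data):
    """The digests the page lists (ssdeep/tlsh/sha3_384 omitted)."""
    return {
        "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def pe_info(data):
    """Read the COFF/optional headers behind the page's type, timestamp and ep_bytes fields."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsections, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]            # 0x10B = PE32, 0x20B = PE32+
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]   # same offset for PE32 and PE32+
    # The section table follows the optional header; use it to map the entry RVA to a file offset.
    ep_offset = None
    for i in range(nsections):
        _, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        if va <= entry_rva < va + max(vsize, rawsize):
            ep_offset = entry_rva - va + rawptr
            break
    bits = {0x10B: "PE32", 0x20B: "PE32+"}.get(magic, "PE?")
    return {
        "type": "%s executable (%s) %s, for MS Windows"
                % (bits, SUBSYSTEM.get(subsystem, str(subsystem)), MACHINE.get(machine, hex(machine))),
        "timestamp": datetime.fromtimestamp(tstamp, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": None if ep_offset is None else data[ep_offset:ep_offset + 16].hex(),
    }


def triage(data, iocs=PAGE_IOCS):
    """Hash the file, parse its headers and report which page IOCs it matches."""
    h = hashes(data)
    return {"hashes": h, "pe": pe_info(data),
            "ioc_match": sorted(k for k, v in iocs.items() if h.get(k) == v)}


def build_sample_pe(tstamp, code):
    """Constructed minimal PE32 GUI image for offline testing; it is NOT the malware sample."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                        # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, tstamp, 0, 0, 96, 0x102)          # i386, one section
    opt = struct.pack("<HBBIIIIIIIII", 0x10B, 0, 0, 0x200, 0, 0,
                      0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200)         # entry point RVA 0x1000
    opt += b"\0" * 28 + struct.pack("<HH", 2, 0) + b"\0" * 24                   # Subsystem 2 = GUI
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + opt + sect).ljust(0x200, b"\0")
    return headers + code.ljust(0x200, b"\0")


# Constructed sample input: the page's ep_bytes and build timestamp inside the test image.
SAMPLE = build_sample_pe(
    int(datetime(2012, 5, 3, 14, 40, 24, tzinfo=timezone.utc).timestamp()),
    bytes.fromhex("558bec81eccc000000535657892d64bc"),
)

if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE), indent=2))
```

Run it on a suspect file with triage(open(path, "rb").read()). A non-empty ioc_match means the file is byte-for-byte the sample the page describes; a matching timestamp or entry-point bytes alone only suggests a related build, since both are trivially reused by a packer. The version-resource strings are not parsed here and should not be relied on either way: the sandbox reported the Authenticode signature as invalid, so the "Microsoft Corporation" claim has no weight.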

Malware.AI.4055594219 also known as:

The Malware.AI prefix is Malwarebytes' machine-learning verdict; the other engines label the same file as follows (vendor: detection name):

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Panda.2122
MicroWorld-eScan: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli
FireEye: Generic.mg.8f5dcbf4abb639d7
CAT-QuickHeal: TrojanPWS.Zbot.Y
ALYac: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli
Cylance: Unsafe
Zillya: Trojan.Yakes.Win32.4047
K7AntiVirus: Trojan ( 0040f02a1 )
K7GW: Trojan ( 0040f02a1 )
Cybereason: malicious.4abb63
BitDefenderTheta: Gen:NN.ZexaF.34062.xq1@aG1kMCli
Cyren: W32/Zbot.DQ.gen!Eldorado
ESET-NOD32: a variant of Win32/Kryptik.AFAX
Kaspersky: Packed.Win32.Krap.iu
BitDefender: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli
NANO-Antivirus: Trojan.Win32.Panda.rpxyj
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
Avast: Win32:Karagany
Tencent: Malware.Win32.Gencirc.10b25f6c
Ad-Aware: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli
Comodo: TrojWare.Win32.Kryptik.ASR@4oc4x0
Baidu: Win32.Adware.Kryptik.b
VIPRE: Trojan.Win32.Reveton.ca (v)
Emsisoft: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli (B)
Ikarus: Packer.Win32.Krap
GData: Gen:Heur.Mint.Dreidel.xq1@xG1kMCli
Jiangmin: Trojan/Generic.abgzx
Avira: TR/Crypt.EPACK.Gen2
MAX: malware (ai score=83)
Microsoft: Trojan:Win32/Emotet.KDS!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R24471
Acronis: suspicious
McAfee: PWS-Zbot.gen.bex
VBA32: BScope.Malware-Cryptor.SB.01798
Malwarebytes: Malware.AI.4055594219
APEX: Malicious
Rising: Trojan.Generic@ML.94 (RDML:nuRDf5BVsy89OleIx5r2pw)
Yandex: Trojan.Kazy!Y7X6cC+I7kk
SentinelOne: Static AI – Malicious PE
Fortinet: W32/ZBOT.HL!tr
AVG: Win32:Karagany
Panda: Bck/Qbot.AO
CrowdStrike: win/malicious_confidence_100% (D)
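As an added example, not taken from the page or from any vendor, the Python below shows how to read a list like the one above: it tallies family tokens across a subset of the detection names (copied from the list; the subset is a constructed input) once per vendor and once per distinct signature string. The GENERIC stop-word set and the rule of dropping trailing engine markers such as " (B)" are assumptions of this script, not a vendor convention.

```python
import re
from collections import Counter

# Constructed input: a subset of the page's vendor list, detection names copied verbatim.
DETECTIONS = {
    "MicroWorld-eScan": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli",
    "ALYac": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli",
    "BitDefender": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli",
    "Ad-Aware": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli",
    "Emsisoft": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli (B)",
    "GData": "Gen:Heur.Mint.Dreidel.xq1@xG1kMCli",
    "CAT-QuickHeal": "TrojanPWS.Zbot.Y",
    "Cyren": "W32/Zbot.DQ.gen!Eldorado",
    "AhnLab-V3": "Trojan/Win32.Zbot.R24471",
    "McAfee": "PWS-Zbot.gen.bex",
    "Fortinet": "W32/ZBOT.HL!tr",
    "ESET-NOD32": "a variant of Win32/Kryptik.AFAX",
    "Comodo": "TrojWare.Win32.Kryptik.ASR@4oc4x0",
    "Avast": "Win32:Karagany",
    "AVG": "Win32:Karagany",
    "Malwarebytes": "Malware.AI.4055594219",
}

# Assumed stop-words: tokens that name a class, a heuristic or an engine marker rather than a family.
GENERIC = {"trojan", "trojware", "trojanpws", "win32", "heur", "generic", "malware",
           "malicious", "variant", "packed", "packer", "agent", "adware", "eldorado"}


def family_tokens(name):
    """Lower-case alphabetic tokens of length >= 4 that are not generic.

    Hash-like suffixes (xq1@xG1kMCli, R24471) contain digits and drop out automatically.
    """
    tokens = re.findall(r"[a-z0-9]+", name.lower())
    return {t for t in tokens if t.isalpha() and len(t) >= 4 and t not in GENERIC}


def normalise(name):
    """Strip a trailing engine marker such as ' (B)' or ' (v)' so re-labelled copies compare equal."""
    return re.sub(r"\s*\([^)]*\)\s*$", "", name).strip().lower()


def vote_by_vendor(detections):
    """Naive tally: every vendor gets one vote per family token it mentions."""
    votes = Counter()
    for name in detections.values():
        votes.update(family_tokens(name))
    return votes


def vote_by_signature(detections):
    """Tally over distinct signature strings, so vendors shipping the same engine count once."""
    votes = Counter()
    for name in {normalise(n) for n in detections.values()}:
        votes.update(family_tokens(name))
    return votes


def top_family(detections):
    """Family token with the most independent signatures behind it."""
    return vote_by_signature(detections).most_common(1)[0][0]


if __name__ == "__main__":
    print("per vendor:   ", vote_by_vendor(DETECTIONS).most_common(3))
    print("per signature:", vote_by_signature(DETECTIONS).most_common(3))
    print("top family:   ", top_family(DETECTIONS))
```

Counting per vendor puts "Dreidel" on top only because six vendors ship the identical Gen:Heur.Mint.Dreidel signature string; counting per distinct signature reduces that to a single vote and leaves Zbot as the family that the most engines name independently. The Malware.AI label itself carries no family information, so a list like this is how you get from the Malwarebytes verdict to a family you can look up.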

How to remove Malware.AI.4055594219?

Malware.AI.4055594219 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.