Malware.AI.4064749955 removal guide

Malware.AI.4064749955 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4064749955 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Binary file triggered YARA rule
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.4064749955?

File Info:

name: C9596128DCA4748FA36B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-11-28 03:40:20

Version Info:

FileVersion: 24.2.3
FileDescription: 小斧头
ProductName: AX-Trainer
ProductVersion: 24.2.3
CompanyName: 101c4
LegalCopyright: 0
Comments: 9
Translation: 0x0804 0x04b0

Malware.AI.4064749955 also known as:

Bkav: W32.Common.F6AD0C48
Lionic: Trojan.Win32.BlackMoon.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.487516
FireEye: Generic.mg.c9596128dca4748f
ALYac: Gen:Variant.Fragtor.487516
Cylance: unsafe
Sangfor: Trojan.Win32.Blackmoon.V8a3
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Variant.Fragtor.487516
K7GW: Trojan ( 005931081 )
K7AntiVirus: Trojan ( 005931081 )
BitDefenderTheta: Gen:NN.ZexaF.36802.KC0baKpbHMlb
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A suspicious
APEX: Malicious
Cynet: Malicious (score: 100)
Alibaba: TrojanDropper:Win32/BlackMoon.6bdc240c
NANO-Antivirus: Trojan.Win32.Mlw.kipbqw
TrendMicro: TROJ_GEN.R06CC0PL923
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Suspicious PE
Antiy-AVL: Trojan/Win32.Blamon.a
Kingsoft: malware.kb.a.999
Arcabit: Trojan.Fragtor.D7705C
ViRobot: Trojan.Win.Z.Fragtor.592896
Google: Detected
AhnLab-V3: Malware/Win32.RL_Generic.R362560
VBA32: BScope.TrojanPSW.Gamania
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.4064749955
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R06CC0PL923
Yandex: Riskware.BlackMoon!Ydq7vhBolS4
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.234261136.susgen
Fortinet: Riskware/Blackmoon
Cybereason: malicious.8dca47
DeepInstinct: MALICIOUS
alibabacloud: VirTool:Win/Packed.BlackMoon.A

How to remove Malware.AI.4064749955?

Malware.AI.4064749955 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.