Malware.AI.4065260892 (file analysis)

The Malware.AI.4065260892 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4065260892 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.4065260892?


File Info:
name: 55DF2C34AACA3AD94BE1.mlw
path: /opt/CAPEv2/storage/binaries/d7445eb0daa17bed9f9f82f2ffa3b9dcb6757d4c97a4ce132c08dda0139f300a
crc32: 95F9225C
md5: 55df2c34aaca3ad94be1bfe7f91716bc
sha1: b613e4e9561ce9432b4d2880d83f1f7cd6b334b1
sha256: d7445eb0daa17bed9f9f82f2ffa3b9dcb6757d4c97a4ce132c08dda0139f300a
sha512: a0b9b2525b9217988612f41f4158a2884416729cd83549ac53f600c88266378c2969a7ec4ae0d78b435b7732973626fde9d74fea7cb6ae600b2d8653511e4f17
ssdeep: 49152:RzR9pP6QcWrDxziB5HFw6z3L54hcQBPBPPhZBPBPPhZBPBPPhZBPBPPhZBPBPPhc:RliQJxC5lw8Nsc
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11FE56B225219FEB4CF36A4F814B3DF2F72E079FA5436AE988D55D4E172900218C36D9B
sha3_384: 4275b02fd9927aaa02e3afce17d8006a2e3fde873029da0e548a520c72ae4dcad313224d73414de0235110a61216d2cf
ep_bytes: e8d7050000e974feffff558bec6a00ff
timestamp: 2022-06-26 15:52:32

Version Info:
0: [No Data]

Malware.AI.4065260892 also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.178162
FireEye	Generic.mg.55df2c34aaca3ad9
ALYac	Gen:Variant.Lazy.178162
Cylance	Unsafe
Sangfor	Trojan.Win32.Agent.V76l
K7AntiVirus	Unwanted-Program ( 005886281 )
K7GW	Unwanted-Program ( 005886281 )
Cybereason	malicious.9561ce
Cyren	W32/GameHack.BV.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GameHack.FHV potentially unsafe
TrendMicro-HouseCall	Cryp_Xin2
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
BitDefender	Gen:Variant.Lazy.178162
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Gen:Variant.Lazy.178162
Emsisoft	Gen:Variant.Lazy.178162 (B)
TrendMicro	Cryp_Xin2
McAfee-GW-Edition	BehavesLike.Win32.Generic.wh
Sophos	Mal/Generic-S
GData	Gen:Variant.Lazy.178162
MAX	malware (ai score=82)
Arcabit	Trojan.Lazy.D2B7F2
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Packed/Win.Suspicious.C5104108
Acronis	suspicious
McAfee	GenericRXRU-AB!55DF2C34AACA
VBA32	BScope.Trojan.Shelma
Malwarebytes	Malware.AI.4065260892
APEX	Malicious
Rising	Trojan.Generic@AI.89 (RDML:kZfk5PemTl59/BrCCe1YpQ)
Yandex	Riskware.Agent!NwF8wVCOZDY
SentinelOne	Static AI – Suspicious PE
Fortinet	Riskware/GameHack
AVG	Win32:MalwareX-gen [Trj]

How to remove Malware.AI.4065260892?

Malware.AI.4065260892 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X