Malware.AI.4078864353 (file analysis)

The Malware.AI.4078864353 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4078864353 virus can do?

Executable code extraction
Creates RWX memory
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Malware.AI.4078864353?


File Info:
crc32: C636A6A4
md5: 6799d63d915d87ca1cb00bb50563f64f
name: 6799D63D915D87CA1CB00BB50563F64F.mlw
sha1: 76c14d2074c2d78126a806cb19e6d6bf250004ff
sha256: e77edc3fbb103f35c25fdd0fb4c159e0fdf5a38a071bfae3e34e024c260435a7
sha512: 042c9611d0e76207b2a2aa7f3b1eadf3a52ba30c25be8eb60a2f24fddfe6cc72e5cab8ab233fe798479a88a7fa78cf355286dc45622a25e4063469e398aa59e8
ssdeep: 1536:nCIT7vHTccIZ37hPYTXilhoZBOpDys6v0yEUgWWTF:nCo7vzFIZ3dgTXVZBEP4ErWWTF
type: PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed

Version Info:
LegalCopyright: xa9 2021, H Hayat
InternalName: Patch.exe
FileVersion: 1.1.0.0
CompanyName: H Hayat
LegalTrademarks: 
Comments: 
ProductName: iTubeGo Downloader v4.2.x [x64] - Patch v1.1
ProductVersion: 1.1.0.0
FileDescription: iTubeGo Downloader v4.2.x [x64] - Patch v1.1
OriginalFilename: Patch.exe
Translation: 0x0409 0x04e4

Malware.AI.4078864353 also known as:

K7AntiVirus	Unwanted-Program ( 0054d0751 )
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Wacatac
ALYac	Trojan.GenericKD.36251655
Cylance	Unsafe
Sangfor	Malware
BitDefender	Trojan.GenericKD.36251655
K7GW	Unwanted-Program ( 0054d0751 )
Cybereason	malicious.074c2d
Cyren	W32/Trojan.YNOA-1643
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/HackTool.Patcher.ED potentially unsafe
APEX	Malicious
Alibaba	HackTool:Win32/Patcher.b6c5eb29
NANO-Antivirus	Trojan.Win32.Generic.fgneif
MicroWorld-eScan	Trojan.GenericKD.36251655
Ad-Aware	Trojan.GenericKD.36251655
Sophos	Generic Reputation PUA (PUA)
Comodo	Malware@#24nuh9yp4amx5
BitDefenderTheta	AI:Packer.5A797BFF21
TrendMicro	TROJ_GEN.R002C0PB121
McAfee-GW-Edition	GenericRXCI-OV!0B49E098CC23
FireEye	Generic.mg.6799d63d915d87ca
Emsisoft	Trojan.GenericKD.36251655 (B)
Webroot	W32.Hax.Gen
Antiy-AVL	Trojan/Win32.Fuerboos
Microsoft	Program:Win32/Ymacco.AAE7
Arcabit	Trojan.Generic.D2292807
AegisLab	Trojan.Win32.Generic.4!c
GData	Trojan.GenericKD.36251655
McAfee	Artemis!6799D63D915D
MAX	malware (ai score=85)
Malwarebytes	Malware.AI.4078864353
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0PB121
Rising	Trojan.Tiggre!8.ED98 (TFE:4:1XbEIb4doDL)
Ikarus	possible-Threat.Hacktool.Patcher
Fortinet	Riskware/Generic_PUA_HG
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Generic.HxEA86sA

How to remove Malware.AI.4078864353?

Malware.AI.4078864353 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X