What is “Malware.AI.4083364362”?

Malware.AI.4083364362 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4083364362 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Attempts to identify installed AV products by installation directory

How to identify Malware.AI.4083364362?

File Info:

name: C4B623B09BDE140148D3.mlw
path: /opt/CAPEv2/storage/binaries/5d11acba64c78b7336fea71fa08159e7af5c6c0f52ed7ce8430cd6f6accc866f
crc32: 6FC066E0
md5: c4b623b09bde140148d33e3d02e60a0a
sha1: 82629d488403b49def89a447f359da9deac8d305
sha256: 5d11acba64c78b7336fea71fa08159e7af5c6c0f52ed7ce8430cd6f6accc866f
sha512: cb021f22698a31d56f87ff2a3c67136c83f6bf22929186bb4ffd3e43efd6978ba26a7768e5acf9864d1d635d30aa294f20354b3f7eb00466f70256bd5d3803fc
ssdeep: 98304:BE3GnbLgjZUsg8rQTYeYw5JFlbmKuNwnF2yMY+005IzwwCXLnZg8:zngfWTY+9FuNwFVM5IUwAny8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10746123FB268653ED4AE4B3249B39220997BBB61A41A8C1F47F0094CDF264711F3FA55
sha3_384: 65e258f2ed2c1b82565de42914cbad01854e0741ea56f5eeafe0db3751932c7f5779ac4d3a57fd7f40c4a490e0fd9b0c
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2020-05-21 05:56:23

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: DBL Computing, Inc.
FileDescription: DBL Copy Setup
FileVersion: 0.0.0.0
LegalCopyright:
OriginalFileName:
ProductName: DBL Copy
ProductVersion: 0.0.0.0
Translation: 0x0000 0x04b0

Malware.AI.4083364362 also known as:

Lionic: Trojan.Win32.Razy.a!c
MicroWorld-eScan: Trojan.GenericKD.47569259
FireEye: Trojan.GenericKD.47569259
ALYac: Trojan.GenericKD.47569259
Cylance: Unsafe
K7AntiVirus: Trojan ( 005722f11 )
Alibaba: TrojanDownloader:Win32/Generic.d2307e40
K7GW: Trojan ( 005722f11 )
Arcabit: Trojan.Generic.D2D5D96B
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
TrendMicro-HouseCall: TROJ_GEN.R011C0GL721
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Razy.bgcz
BitDefender: Trojan.GenericKD.47569259
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan-downloader.Razy.Szbi
Ad-Aware: Trojan.GenericKD.47569259
Emsisoft: Trojan.GenericKD.47569259 (B)
DrWeb: Trojan.PWS.Stealer.29572
TrendMicro: TROJ_GEN.R011C0GL721
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Sophos: Mal/Generic-S
Ikarus: Trojan-Dropper.Win32.Agent
Avira: HEUR/AGEN.1144245
MAX: malware (ai score=87)
Microsoft: Trojan:Win32/Wacatac.B!ml
APEX: Malicious
GData: Win32.Trojan.Kryptik.91LTPY
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C4226065
McAfee: Artemis!C4B623B09BDE
VBA32: TrojanDownloader.Razy
Malwarebytes: Malware.AI.4083364362
Fortinet: W32/Agent.SLC!tr
AVG: Win32:Trojan-gen
Panda: Trj/CI.A

How to remove Malware.AI.4083364362?

Malware.AI.4083364362 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.