What is “Malware.AI.4084746102”?

Malware.AI.4084746102 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4084746102 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.4084746102?

File Info:

name: F9C1E289F38E818E40BB.mlw
path: /opt/CAPEv2/storage/binaries/58e4006daa337023ba17052838c7bdbebeba2b86afe4721e0c07cb21fe0e5b80
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2006-11-20 22:36:45

Version Info:

CompanyName: ДддтхКтццщШОГЪчЧТЗглпЮЩШъ
FileDescription: шЖвЪТЯгьжХХЮыМеыГдепъэндКхЛ
FileVersion: 91.118.71.51
InternalName: ЯврхцлЗтЦвбсвЮчРОКНЮЭрЯЫАСГ
LegalCopyright: 8534-7021
OriginalFilename: tMwKwdj.exe
ProductName: ЖИШйПЫКЗтХнкРЭпЯЩОРВсЛФкЯ
ProductVersion: 91.118.71.51
Translation: 0x04b0 0x0417

Malware.AI.4084746102 also known as:

Lionic: Hacktool.Win32.Krap.3!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bredo.6
FireEye: Generic.mg.f9c1e289f38e818e
McAfee: Artemis!F9C1E289F38E
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.37435
Sangfor: Trojan.Win32.Krap.hm
K7AntiVirus: Trojan ( f1000f011 )
Alibaba: TrojanPSW:Win32/Kryptik.d06ebe74
K7GW: Trojan ( f1000f011 )
Cybereason: malicious.9f38e8
VirIT: Trojan.Win32.Packed.BECL
Cyren: W32/Zbot.AK.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Kryptik.EXL
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Zbot-9655
Kaspersky: Packed.Win32.Krap.hm
BitDefender: Gen:Variant.Bredo.6
NANO-Antivirus: Trojan.Win32.Zbot.borca
Avast: FileRepMalware
Tencent: Win32.Packed.Krap.Egeb
Ad-Aware: Gen:Variant.Bredo.6
Emsisoft: Gen:Variant.Bredo.6 (B)
Comodo: MalCrypt.Indus!@1qrzi1
DrWeb: Trojan.Packed.20343
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: BKDR_QAKBOT.SMC
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.cc
Sophos: Mal/Generic-R + Mal/FakeAV-DV
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bredo.6
Jiangmin: TrojanSpy.Zbot.ajxt
eGambit: Generic.Malware
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.1848EC0
Kingsoft: Win32.Troj.Krap.hm.(kcloud)
Gridinsoft: Ransom.Win32.Zbot.sa
ViRobot: Trojan.Win32.A.Krap.160334
Microsoft: PWS:Win32/Zbot.gen!Y
Cynet: Malicious (score: 100)
BitDefenderTheta: AI:Packer.881EC0A11F
MAX: malware (ai score=99)
VBA32: BScope.Trojan.Packed
Malwarebytes: Malware.AI.4084746102
TrendMicro-HouseCall: BKDR_QAKBOT.SMC
Rising: Trojan.Agent!8.B1E (CLOUD)
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Malware.1382627.susgen
Fortinet: W32/Generic.AC.25AC8D!tr
Webroot: W32.Bot.Gen
AVG: FileRepMalware
Panda: Trj/Sinowal.XEG
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Malware.AI.4084746102?

Malware.AI.4084746102 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.