Malware.AI.4094287320 removal

Malware.AI.4094287320 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4094287320 virus do?

  • Sample contains Overlay data
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Harvests cookies for information gathering
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4094287320?

File Info:

name: 21DE446564AD4FE1A8A9.mlw
path: /opt/CAPEv2/storage/binaries/eb53ae5c52ea9ea49df7ddff5cea99918c1d26312bffbaeff7b8e49e4e864a20
crc32: 2144DF1C
md5: 21de446564ad4fe1a8a9ac5bc6c0f930
sha1: 16dade7d93252f9a944906a823f8c1704b78b242
sha256: eb53ae5c52ea9ea49df7ddff5cea99918c1d26312bffbaeff7b8e49e4e864a20
sha512: 789e958daba7649550f08fc431899793c6058c8a7442aa1c81470aad94ff552bf80bb5931f6b2c60f1cf199767c89c9093c1c5ff1c763d42dcf573c285c25aa9
ssdeep: 192:c/J5cAnpYIRir84g0jGMszKLNaVTbdrVkvu7mazHrDR9P0oKYKw:WJ5cAny+J4gqGMszSGVEu7FnR9Ptyw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4228DD2D59C7463E04685B34509CA9ABF58E22887672F0230C0E58BD48E4F1BD7E9D3
sha3_384: f492b7156b5c5e1ef54a20d54f4a7c847f14c0046394766dd804252f5ae07e18c68ddf3c6ebd8f204a07c78e6718b909
ep_bytes: 60be150041008dbeeb0fffff5783cdff
timestamp: 2005-02-18 17:09:54

Version Info:

0: [No Data]

Malware.AI.4094287320 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.CommInet.4!c
tehtris: Generic.Malware
DrWeb: Trojan.PWS.Butter.17
MicroWorld-eScan: Gen:Heur.Mint.SP.Sneaky.1
FireEye: Generic.mg.21de446564ad4fe1
McAfee: Artemis!21DE446564AD
Malwarebytes: Malware.AI.4094287320
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/CommInet.171b17ef
K7GW: Password-Stealer ( 0055e3dc1 )
K7AntiVirus: Password-Stealer ( 0055e3dc1 )
BitDefenderTheta: AI:Packer.4C615A461E
Cyren: W32/Heuristic-119!Eldorado
Symantec: Infostealer.Bancos.T
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/PSW.Small.X
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.CommInet.s
BitDefender: Gen:Heur.Mint.SP.Sneaky.1
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.13c74bd8
Emsisoft: Gen:Heur.Mint.SP.Sneaky.1 (B)
F-Secure: Trojan.TR/Crypt.ULPM.Gen
VIPRE: Gen:Heur.Mint.SP.Sneaky.1
TrendMicro: BKDR_COMMINET.Q
McAfee-GW-Edition: BehavesLike.Win32.Generic.lc
Trapmine: malicious.high.ml.score
Sophos: Mal/Emogen-U
SentinelOne: Static AI – Malicious PE
GData: Gen:Heur.Mint.SP.Sneaky.1
Jiangmin: Backdoor/CommInet.af
Webroot: W32.Malware.Gen
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Trojan[Backdoor]/Win32.CommInet
Xcitium: Backdoor.Win32.CommInet.s0@1om7yn
Arcabit: Trojan.Mint.SP.Sneaky.1
ViRobot: Trojan.Win.Z.Comminet.10244
ZoneAlarm: Backdoor.Win32.CommInet.s
Microsoft: Trojan:Win32/Sisron
Google: Detected
AhnLab-V3: Trojan/Win32.Banker.R93309
ALYac: Gen:Heur.Mint.SP.Sneaky.1
MAX: malware (ai score=84)
Cylance: unsafe
Panda: Generic Malware
TrendMicro-HouseCall: BKDR_COMMINET.Q
Rising: Malware.Small!8.EAB5 (TFE:5:xsZiueAPEbI)
Ikarus: Backdoor.Win32.CommInet.s
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Malware-gen
Cybereason: malicious.564ad4
DeepInstinct: MALICIOUS

How to remove Malware.AI.4094287320?

Malware.AI.4094287320 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
