About “Malware.AI.4106644275” infection

Malware.AI.4106644275 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4106644275 virus do?

  • Executable code extraction
  • At least one process apparently crashed during execution
  • Expresses interest in specific running processes
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Checks the system manufacturer, likely for anti-virtualization
  • Anomalous binary characteristics

How to identify Malware.AI.4106644275?

File Info:

crc32: BFE5F161
md5: 5765f10973dc4207d274555e30daa789
name: 5765F10973DC4207D274555E30DAA789.mlw
sha1: 11445dbf22b1c2d0d0f11483669949f2a274cfa0
sha256: 8952f47e0b3f6aca5252801914ee336b619a6049c60968ee7c610fc80d8b1ae3
sha512: bd33f3400acc5dd33f6d4e54f45683cce0ca688070673ebf69802338c5f99a31ab5228c8863977008fc52f5a38f85f81f923583804270e667cbb873bda7d35e5
ssdeep: 6144:+hGZl5SnEPLAzxIPZOpFsVbtmtMCsurYofyqFst65:+8l5Sn+LAFIROzsVbEtuurke
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 版权所有 (C) 2018
InternalName: MFC Sever
FileVersion: 1, 0, 0, 1
CompanyName:
LegalTrademarks:
ProductName: MFC Sever 应用程序
ProductVersion: 1, 0, 0, 1
FileDescription: MFC Sever Microsoft 基础类库应用程序
OriginalFilename: MFC Sever.EXE
Translation: 0x0804 0x04b0

Malware.AI.4106644275 also known as:

  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Dropped:Generic.Zegost.3.FC2A2522
  • FireEye: Generic.mg.5765f10973dc4207
  • CAT-QuickHeal: Trojan.Mauvaise.SL1
  • McAfee: Packed-MW!5765F10973DC
  • Malwarebytes: Malware.AI.4106644275
  • AegisLab: Trojan.Win32.Lotok.m!c
  • Sangfor: Trojan.Win32.Save.a
  • K7AntiVirus: Trojan ( 004fbf8e1 )
  • BitDefender: Dropped:Generic.Zegost.3.FC2A2522
  • K7GW: Trojan ( 004fbf8e1 )
  • Cybereason: malicious.973dc4
  • BitDefenderTheta: Gen:NN.ZexaF.34608.wq0@aa9UF@ob
  • Cyren: W32/Trojan.QYEA-8709
  • Symantec: Backdoor.Zegost
  • Baidu: Win32.Trojan.Agent.atx
  • APEX: Malicious
  • Paloalto: generic.ml
  • ClamAV: Win.Trojan.Generic-6305873-0
  • Kaspersky: HEUR:Backdoor.Win32.Lotok.gen
  • Alibaba: Backdoor:Win32/Zegost.298e8989
  • NANO-Antivirus: Trojan.Win32.Zegost.flyras
  • Rising: Trojan.Kryptik!1.AAD1 (CLOUD)
  • Ad-Aware: Dropped:Generic.Zegost.3.FC2A2522
  • Emsisoft: Dropped:Generic.Zegost.3.FC2A2522 (B)
  • F-Secure: Heuristic.HEUR/AGEN.1131541
  • DrWeb: BackDoor.Zegost.800
  • Zillya: Trojan.Agent.Win32.898049
  • TrendMicro: Backdoor.Win32.FARFLI.SMAL01
  • McAfee-GW-Edition: Packed-MW!5765F10973DC
  • Sophos: ML/PE-A + Troj/AutoG-IZ
  • SentinelOne: Static AI – Malicious PE
  • Avira: HEUR/AGEN.1131541
  • MAX: malware (ai score=89)
  • Antiy-AVL: Trojan/Win32.Scar
  • Microsoft: Backdoor:Win32/Zegost.DA
  • Gridinsoft: Trojan.Win32.Kryptik.oa
  • Arcabit: Generic.Zegost.3.FC2A2522
  • AhnLab-V3: Malware/RL.Generic.R250184
  • ZoneAlarm: HEUR:Backdoor.Win32.Lotok.gen
  • GData: Dropped:Generic.Zegost.3.FC2A2522
  • Cynet: Malicious (score: 85)
  • ESET-NOD32: a variant of Win32/Kryptik.FHSE
  • VBA32: BScope.Trojan.Downloader
  • Cylance: Unsafe
  • Panda: Trj/GdSda.A
  • TrendMicro-HouseCall: Backdoor.Win32.FARFLI.SMAL01
  • Tencent: Malware.Win32.Gencirc.10b4cff7
  • Yandex: Trojan.GenAsa!K6CxranR9e8
  • Ikarus: Worm.Win32.ServStart
  • Fortinet: W32/Kryptik.FHSE!tr
  • AVG: Win32:Dropper-ODE [Drp]
  • Avast: Win32:Dropper-ODE [Drp]
  • CrowdStrike: win/malicious_confidence_90% (W)
  • Qihoo-360: Win32/Backdoor.Zegost.HwcBs8UA

How to remove Malware.AI.4106644275?

Malware.AI.4106644275 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
