How to remove “Malware.AI.4118636219”?

Malware.AI.4118636219 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4118636219 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4118636219?

File Info:

name: 2BBA7B854AD7AB551B5C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-04-02 16:13:26

Version Info:

CompanyName: SolarSoft Inc.
FileDescription: WMI Host Controller (32-bit)
FileVersion: 5.4.3.4
InternalName: wmihc
LegalCopyright: Copyright (C) 2007-2012 - TechDays Inc.
OriginalFilename: wmihc
ProductName: WMI Host Controller (32-bit)
ProductVersion: 5.4.3.4
Translation: 0x1009 0x04b0

Malware.AI.4118636219 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Ser.Jaik.1381
FireEye: Generic.mg.2bba7b854ad7ab55
McAfee: Artemis!2BBA7B854AD7
Cylance: unsafe
VIPRE: Gen:Variant.Ser.Jaik.1381
Sangfor: Trojan.Win32.Kryptik.Vb8h
K7AntiVirus: Trojan ( 0055e3991 )
Alibaba: VirTool:Win32/Obfuscator.eecf20ea
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.54ad7a
BitDefenderTheta: Gen:NN.ZexaF.36164.rmKfaSvDUjck
ESET-NOD32: a variant of Win32/Kryptik.BYYA
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ser.Jaik.1381
NANO-Antivirus: Trojan.Win32.Zbot.brqksq
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.Rimw
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1310438
DrWeb: Trojan.PWS.Panda.2401
Zillya: Trojan.Zbot.Win32.120560
TrendMicro: TROJ_SPNR.14DM13
McAfee-GW-Edition: BehavesLike.Win32.Corrupt.dc
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Ser.Jaik.1381 (B)
Ikarus: Trojan-Spy.Win32.Zbot
GData: Gen:Variant.Ser.Jaik.1381
Jiangmin: TrojanSpy.Zbot.fbcl
Webroot: Trojan.Dropper.Gen
Avira: HEUR/AGEN.1310438
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Xcitium: Malware@#g9k2ey1e20qo
Arcabit: Trojan.Ser.Jaik.D565
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
VBA32: TrojanSpy.Zbot
ALYac: Gen:Variant.Ser.Jaik.1381
MAX: malware (ai score=99)
Malwarebytes: Malware.AI.4118636219
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_SPNR.14DM13
Rising: Malware.Undefined!8.C (TFE:5:yFsVqq0JrLL)
Yandex: Trojan.GenAsa!/cTbFz6d7L0
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.FDBG!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.4118636219?

Malware.AI.4118636219 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
