Malware.AI.4126617556 removal tips

Malware.AI.4126617556 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4126617556 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Harvests cookies for information gathering
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4126617556?

File Info:

name: EB182F1C662536893EDD.mlw
path: /opt/CAPEv2/storage/binaries/a29114c03aac81a5ddc1d2881dc3a412c7d556d0ba2a704b0bb3e6e989073472
crc32: 525C1DC1
md5: eb182f1c662536893eddcf558ecb78fe
sha1: 3e22a67deda811a0f642c97f4e82a0b4000ac4c0
sha256: a29114c03aac81a5ddc1d2881dc3a412c7d556d0ba2a704b0bb3e6e989073472
sha512: 0a96a230cffd918942f5831d60fe2b6733a6c9f75027884ace46ec21947fcec937879cc233587b57d141db71eff8d2ab3b5c6ee180687ba8deec4cc42f79d3e8
ssdeep: 98304:bG1dKGAujvn8ynYKw4f7U9FUJq99/BON3DKbMqEreYa:eKGAujv1YKrq63DKbSKV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17D268D127742C171E4E722F4169DA335567DBCA0072062D3A3DAA7FE9F682D0BD3364A
sha3_384: ce141a490ae7477e6469205895985915f08c7d0c781fed5f0a486e11286e6b0de8911c0a603231d4323d76bb4f7384d5
ep_bytes: 68f8174000e8eeffffff000000000000
timestamp: 2022-07-05 16:40:46

Version Info:

Translation: 0x0409 0x04b0
CompanyName: PB
ProductName: PB
FileVersion: 1.00.0661
ProductVersion: 1.00.0661
InternalName: UPDATE ZEPO
OriginalFilename: UPDATE ZEPO.exe

Malware.AI.4126617556 also known as:

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Tedy.144870
ClamAV: Win.Malware.Zusy-9883587-0
FireEye: Generic.mg.eb182f1c66253689
CAT-QuickHeal: PUA.IgenericRI.S25946137
ALYac: Gen:Variant.Tedy.144870
Cylance: Unsafe
Zillya: Dropper.GameHack.Win32.791
Sangfor: Suspicious.Win32.Save.vb
BitDefender: Gen:Variant.Tedy.144870
CrowdStrike: win/malicious_confidence_70% (D)
Cyren: W32/ABRisk.WCLG-8459
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GameHack.FJC potentially unsafe
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Bsymem.agmp
Rising: Trojan.Bsymem!8.FAE7 (C64:YzY0Oo4nWvaCjyI9)
Ad-Aware: Gen:Variant.Tedy.144870
TACHYON: Trojan/W32.VB-Bsymem.4816896
Sophos: Generic ML PUA (PUA)
DrWeb: Trojan.Siggen18.10195
VIPRE: Gen:Variant.Tedy.144870
McAfee-GW-Edition: BehavesLike.Win32.Generic.rh
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Tedy.144870 (B)
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.6C82
Microsoft: Trojan:Script/Phonzy.A!ml
GData: Gen:Variant.Tedy.144870
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R427509
McAfee: GenericRXAA-AA!EB182F1C6625
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.AI.4126617556
Panda: Trj/Genetic.gen
SentinelOne: Static AI - Suspicious PE
MaxSecure: Trojan.W32.Multi.Generic
Fortinet: Riskware/GameHack
BitDefenderTheta: Gen:NN.ZevbaF.34606.@p0@aWrkDnki
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.c66253
Avast: Win32:TrojanX-gen [Trj]

How to remove Malware.AI.4126617556?

Malware.AI.4126617556 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
