
Malware.AI.4136453987 (file analysis)


Malware.AI.4136453987 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4136453987 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.4136453987?

File Info:

name: 87B0105857266842C95E.mlw
path: /opt/CAPEv2/storage/binaries/8d7e2fa5940cde09187fbe03ef9ad9731305b7edeba3a1a9f35616507ddecac1
crc32: 1596530A
md5: 87b0105857266842c95eb375447e4394
sha1: 18dab175dad5a1c5c5dcad8d6374a54127db23d3
sha256: 8d7e2fa5940cde09187fbe03ef9ad9731305b7edeba3a1a9f35616507ddecac1
sha512: 4beff1900f389d931259340141fa9b74ef925f15e400e405511638f9a4afd049b0cb7c596c3a238fe2c3de12be3a49a7ab451e3dd2557a1d248ee7f67dfe35e0
ssdeep: 1536:LDvp04q1noL9bZm6ViaEVrs9oHacTQDfqbxmuLw:Pvp0Lno30s9oHacgybxV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F9D3CE93198B7842D29B6EB633F35FF2A467289479C390CF235B06E83C95585C424EBD
sha3_384: 28b1a28ddbacf782d309007fd65873930fbd694bec44d4f88379a597c5b6c4c9613f94153684c5fa3674039d671f1f2c
ep_bytes: 68a4124000e8f0ffffff000058000000
timestamp: 2010-09-16 07:39:04

Version Info:

Translation: 0x0409 0x04b0
FileVersion: 4.29
ProductVersion: 4.29

Malware.AI.4136453987 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Win32.HLLW.Autoruner.28462
MicroWorld-eScan: Gen:Variant.VBKrypt.32
FireEye: Generic.mg.87b0105857266842
CAT-QuickHeal: Trojan.VBCrypt.MF.133
Skyhigh: BehavesLike.Win32.VBObfus.cm
ALYac: Gen:Variant.VBKrypt.32
Cylance: unsafe
VIPRE: Gen:Variant.VBKrypt.32
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 00565a791 )
Alibaba: Worm:Win32/Vobfus.5972332b
K7GW: EmailWorm ( 00565a791 )
Cybereason: malicious.857266
BitDefenderTheta: AI:Packer.AFFD0BE320
VirIT: Trojan.Win32.Scar.LR
Symantec: W32.Changeup
tehtris: Generic.Malware
ESET-NOD32: Win32/AutoRun.VB.TZ
APEX: Malicious
ClamAV: Win.Trojan.VB-1361
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Gen:Variant.VBKrypt.32
NANO-Antivirus: Trojan.Win32.WBNA.crkzrc
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:AutoRun-BNW [Wrm]
Tencent: Win32.Worm.Wbna.Wdkl
TACHYON: Trojan/W32.VB-VBKrypt.135168.D
Emsisoft: Gen:Variant.VBKrypt.32 (B)
Google: Detected
F-Secure: Trojan.TR/Dropper.Gen
Baidu: Win32.Worm.VB.al
Zillya: Trojan.VBKrypt.Win32.4088
TrendMicro: WORM_ESFURY.SMA
Trapmine: malicious.high.ml.score
Sophos: W32/VB-EWR
Ikarus: Trojan.Win32.VBKrypt
GData: Gen:Variant.VBKrypt.32
Jiangmin: Trojan/VBKrypt.hbqy
Varist: W32/Vobfus.I.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: Win32.Worm.WBNA.ipa
Xcitium: TrojWare.Win32.VBKrypt.2@22yg5l
Arcabit: Trojan.VBKrypt.32
ViRobot: Trojan.Win32.A.VBKrypt.135168.AH
ZoneAlarm: Worm.Win32.WBNA.ipa
Microsoft: Worm:Win32/Vobfus.AH
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/VBKrypt.RP03.X1850
McAfee: Downloader-CJX.gen.at
MAX: malware (ai score=100)
VBA32: TScope.Trojan.VB
Malwarebytes: Malware.AI.4136453987
Panda: W32/Vobfus.EX
TrendMicro-HouseCall: WORM_ESFURY.SMA
Rising: Worm.VobfusEx!1.99E0 (CLASSIC)
Yandex: Trojan.GenAsa!WqMgLtegyLA
SentinelOne: Static AI – Malicious PE
Fortinet: W32/VBKrypt.FSC!tr
AVG: Win32:AutoRun-BNW [Wrm]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: Worm:Win/WBNA.ipa

How to remove Malware.AI.4136453987?

Malware.AI.4136453987 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
