Malware.AI.4138470859 malicious file

Malware Removal

Malware.AI.4138470859 is the Malwarebytes detection name for a file that most security vendors also flag as malicious (see the list of other detection names below). When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can Malware.AI.4138470859 do?

The behaviours below are the CAPE sandbox signatures that fired for this sample. Several of them (code unpacking, an unknown section name, UPX compression, an invalid Authenticode signature) describe how the file is packaged rather than what its payload does; the payload's real capabilities only become visible after it is unpacked.

  • Behavioural detection: executable code extraction (unpacking)
  • YARA rule detections observed from a process memory dump, dropped files or CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk (the original file may be gone after it runs, so keep the hashes below for matching)
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4138470859?

File Info:

name: E674A2DE1204D327FA84.mlw
path: /opt/CAPEv2/storage/binaries/320a1f05f3e2c9a6602240586b95202dc7548ab4f3fc4e6e2a430b1c1460cf6e
crc32: A398D6AA
md5: e674a2de1204d327fa84106537d7ef16
sha1: 20fd9d80c07a5df657fe5ad2940caefd71e3b7fe
sha256: 320a1f05f3e2c9a6602240586b95202dc7548ab4f3fc4e6e2a430b1c1460cf6e
sha512: 3d762729f50c491e8e3782a549061675877c357c8f2226579eb550ac5b73a1fa49b2a94b3c530eda4bd2bbd677ca67513de401af41e15863a3e893a860d24dd4
ssdeep: 12288:gm7Ri1XPLXnqE3B2OJ3jNXE/raG2m0iHj0Ww:1ItXnxwu3jxEDJnHo
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T198A423366C84B9CCCD791F39FE8C14ACD689464157EE9C2209D9003C8D19BEA7ADA763
sha3_384: 18ddd2655c8393f98177a0b6e08eaff6659da7f80bd376dc437eee89e266d9493f8382b235da55973e7567e5f9848c46
ep_bytes: 60bec4dc784e89f689f0406109c6b800
timestamp: 1970-01-01 00:00:00 (the PE TimeDateStamp field is zero, so the compile time was wiped or never set; this is common in packed or deliberately stripped binaries and cannot be used for dating the sample)
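The hashes, entry-point bytes and zeroed timestamp above, together with the packing-related sandbox signatures (UPX, unknown section name, code unpacking), can all be checked locally without a sandbox. The script below is an added example written for this page, not code from GridinSoft, Malwarebytes or the CAPE project. It hashes a file and compares the digests with the values published above, then does a minimal PE header walk with only the standard library (no `pefile`) to report UPX-style section names, section names outside the usual linker set, a zero TimeDateStamp, and whether the entry point opens with the `pushad; mov esi, imm32` shape of a UPX decompression stub. The `KNOWN_SECTIONS` set, the `likely_packed` rule and the `build_sample_pe` helper are this example's own assumptions; the helper constructs a throwaway, non-executable PE32 image so the script runs offline, and that constructed image is not the analysed binary, so its hashes will not match the IOCs.

```python
import hashlib
import struct
import zlib

# Indicators published for this sample (File Info section of this page).
IOC = {
    "md5": "e674a2de1204d327fa84106537d7ef16",
    "sha1": "20fd9d80c07a5df657fe5ad2940caefd71e3b7fe",
    "sha256": "320a1f05f3e2c9a6602240586b95202dc7548ab4f3fc4e6e2a430b1c1460cf6e",
    "crc32": "A398D6AA",
    "ep_bytes": bytes.fromhex("60bec4dc784e89f689f0406109c6b800"),
}
# Section names a normal linker emits; anything else counts as "unknown" here.
# This set is the example's own assumption, not CAPE's list.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                  ".edata", ".pdata", ".bss", ".tls", ".CRT", ".xdata"}

def file_hashes(data: bytes) -> dict:
    """Same digests the File Info block lists (CRC32 as upper-case hex)."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest(),
            "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF)}

def ioc_hash_hits(data: bytes) -> list:
    h = file_hashes(data)
    return [k for k in ("md5", "sha1", "sha256", "crc32") if h[k] == IOC[k]]

def parse_pe(data: bytes) -> dict:
    """Minimal PE header walk: TimeDateStamp, section table, first 16 entry-point bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsec, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint (PE32 and PE32+)
    sections = []
    for i in range(nsec):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vaddr": vaddr,
                         "vsize": vsize, "rawptr": rawptr, "rawsize": rawsize})
    ep_bytes = b""  # map the entry RVA to a file offset through the section that holds it
    for s in sections:
        if s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            off = s["rawptr"] + (entry_rva - s["vaddr"])
            ep_bytes = data[off:off + 16]
            break
    return {"timestamp": timestamp, "entry_rva": entry_rva, "sections": sections, "ep_bytes": ep_bytes}

def triage(data: bytes) -> dict:
    """Static packing indicators matching the CAPE signatures listed on this page."""
    pe = parse_pe(data)
    names = [s["name"] for s in pe["sections"]]
    ep = pe["ep_bytes"]
    pushad_mov_esi = ep[:2] == b"\x60\xbe"                       # pushad; mov esi, imm32
    stock_upx_stub = pushad_mov_esi and ep[6:8] == b"\x8d\xbe"   # ... ; lea edi, [esi+imm32] (stock UPX 3.x)
    upx_sections = [n for n in names if n.startswith("UPX")]
    unknown = [n for n in names if n not in KNOWN_SECTIONS and not n.startswith("UPX")]
    return {"ioc_hash_hits": ioc_hash_hits(data),
            "upx_sections": upx_sections,
            "unknown_sections": unknown,
            "zero_timestamp": pe["timestamp"] == 0,
            "entry_pushad_mov_esi": pushad_mov_esi,
            "stock_upx_stub": stock_upx_stub,
            "ep_bytes_match_ioc": ep == IOC["ep_bytes"],
            "likely_packed": bool(upx_sections or unknown or pushad_mov_esi)}

def build_sample_pe(section_names, timestamp, ep_bytes) -> bytes:
    """Constructed, non-executable PE32 image for the demo (NOT the analysed sample)."""
    nsec = len(section_names)
    hdr = bytearray(0x200)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)  # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x14C, nsec, timestamp, 0, 0, 0xE0, 0x0102)
    opt = 0x58
    struct.pack_into("<H", hdr, opt, 0x10B)               # PE32 magic
    struct.pack_into("<I", hdr, opt + 16, 0x1000 * nsec)  # entry point = start of last section
    body = b""
    for i, name in enumerate(section_names):
        struct.pack_into("<8sIIII", hdr, opt + 0xE0 + i * 40, name.encode(),
                         0x1000, 0x1000 * (i + 1), 0x200, 0x200 + i * 0x200)
        body += (ep_bytes if i == nsec - 1 else b"").ljust(0x200, b"\0")
    return bytes(hdr) + body

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_sample_pe(["UPX0", "UPX1", ".rsrc"], 0, IOC["ep_bytes"])  # demo image
    for k, v in triage(blob).items():
        print(f"{k:22} {v}")
```

Run it with a file path to triage a real binary, or with no argument to see the report for the constructed demo image. One caveat worth noting from the published ep_bytes: after `pushad; mov esi, imm32` the recorded bytes continue with `89 f6` (`mov esi, esi`) rather than the `8d be` (`lea edi, ...`) of a stock UPX 3.x stub, so `stock_upx_stub` stays false for this sample and a plain `upx -d` may refuse to unpack it; a modified UPX stub usually has to be unpacked dynamically (run to the original entry point and dump) instead.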

Version Info:

No version resource reported (the sample carries no VERSIONINFO data).

Malware.AI.4138470859 is the Malwarebytes name; other vendors detect the same file as (vendor: detection name). Note how the names cluster around Injector, Razy, Kryptik and "packed" families, which agrees with the UPX finding above:

  • Bkav: W32.AIDetect.malware2
  • Lionic: Trojan.Win32.Generic.4!c
  • tehtris: Generic.Malware
  • MicroWorld-eScan: Gen:Variant.Razy.576052
  • FireEye: Generic.mg.e674a2de1204d327
  • ALYac: Gen:Variant.Razy.576052
  • Cylance: Unsafe
  • Zillya: Trojan.Injector.Win32.978833
  • Sangfor: Suspicious.Win32.Save.a
  • K7AntiVirus: Trojan ( 0057984e1 )
  • Alibaba: Trojan:Win32/Injector.90aafe18
  • K7GW: Trojan ( 0057984e1 )
  • CrowdStrike: win/malicious_confidence_100% (W)
  • Cyren: W32/Kryptik.DND.gen!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Injector.EBQH
  • APEX: Malicious
  • Paloalto: generic.ml
  • Cynet: Malicious (score: 100)
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • BitDefender: Gen:Variant.Razy.576052
  • NANO-Antivirus: Trojan.Win32.Razy.ivimeq
  • Avast: Win32:Evo-gen [Trj]
  • Tencent: Trojan.Win32.Injector.wc
  • Ad-Aware: Gen:Variant.Razy.576052
  • Emsisoft: Gen:Variant.Razy.576052 (B)
  • Comodo: Packed.Win32.MUPX.Gen@24tbus
  • DrWeb: Trojan.Packed2.43250
  • VIPRE: Gen:Variant.Razy.576052
  • TrendMicro: PAK_Xed-10
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.gm
  • Sophos: Mal/Generic-R + Troj/Agent-BGQS
  • SentinelOne: Static AI – Malicious PE
  • GData: Gen:Variant.Razy.576052
  • Jiangmin: Trojan.Generic.hmiio
  • Avira: HEUR/AGEN.1200606
  • Antiy-AVL: Trojan/Generic.ASBOL.C687
  • Arcabit: Trojan.Razy.D8CA34
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Google: Detected
  • AhnLab-V3: Malware/Gen.RL_Reputation.R368477
  • Acronis: suspicious
  • McAfee: GenericRXAA-FA!E674A2DE1204
  • MAX: malware (ai score=80)
  • VBA32: BScope.Trojan.Wacatac
  • Malwarebytes: Malware.AI.4138470859
  • TrendMicro-HouseCall: PAK_Xed-10
  • Rising: Trojan.Kryptik!1.D238 (CLASSIC)
  • Yandex: Trojan.Agent!U6HVvhbbwgg
  • Ikarus: Trojan.Win32.Injector
  • MaxSecure: Trojan.Malware.7164915.susgen
  • Fortinet: W32/Agent.BGQS!tr
  • BitDefenderTheta: Gen:NN.ZexaF.34698.DmW@au7DkUl
  • AVG: Win32:Evo-gen [Trj]
  • Cybereason: malicious.e1204d
  • Panda: Trj/Genetic.gen

How to remove Malware.AI.4138470859?

Malware.AI.4138470859 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the relevant browser and options, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
