Malware.AI.4146622493 (file analysis)

Malware.AI.4146622493 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4146622493 virus do?

  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • .NET executable is packed/obfuscated with 9Rays.Net Spices.Net Obfuscator
  • Authenticode signature is invalid

How to identify Malware.AI.4146622493?


File Info:

name: E1FB2A31BE6CD5D75C55.mlw
path: /opt/CAPEv2/storage/binaries/3f773a608cf61801e715b0ff5d588bcd3a85a93d5a7ede3cb195e1084624cf72
crc32: 392B9541
md5: e1fb2a31be6cd5d75c55b7eb1f59177c
sha1: 93c9c614738ac5c8ff396eb4c41c58417cc63261
sha256: 3f773a608cf61801e715b0ff5d588bcd3a85a93d5a7ede3cb195e1084624cf72
sha512: 635da7e1a81dfaaa33365749ec9cff9e7b292eeaa2755dce7c24ac26972402e283389c531ca1d7e6406b80be20ed145abfb74ee5bb8a2049b6e3f075de47fbe5
ssdeep: 196608:kzCjiIrGvEwL2Cy/7nF1q9D75aLBESCNH+dLik2eDc8ffdznNpUFtW:dm8+L2hnqJ7oNjCCLFxA8fZnNKt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1719623A17BC49576D031103428F5D63C7BF5BC248B32D097BFE9BA6D2E306E06A72646
sha3_384: bb30d2bdb4aa41016a1215c936518058b0a5c19b0a2797232657759b7d398b83dc547015a049fa92759c6bd8c4a7f75f
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-05-07 16:34:16

Version Info:

Translation: 0x0000 0x04b0
Comments: WondershareUniConverterPatch
CompanyName: WondershareUniConverterPatch
FileDescription: WondershareUniConverterPatch
FileVersion: 1.0.0.0
InternalName: WondershareUniConverterPatch.exe
LegalCopyright: Copyright © 2022
LegalTrademarks: WondershareUniConverterPatch
OriginalFilename: WondershareUniConverterPatch.exe
ProductName: WondershareUniConverterPatch
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4146622493 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILMamut.1618
ALYac: IL:Trojan.MSILMamut.1618
Cylance: Unsafe
Cybereason: malicious.4738ac
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
APEX: Malicious
Kaspersky: Backdoor.MSIL.SpyGate.ambe
BitDefender: IL:Trojan.MSILMamut.1618
Avast: Win32:CoinminerX-gen [Trj]
Ad-Aware: IL:Trojan.MSILMamut.1618
Sophos: Generic ML PUA (PUA)
DrWeb: Trojan.MulDrop19.65182
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.e1fb2a31be6cd5d7
Emsisoft: IL:Trojan.MSILMamut.1618 (B)
SentinelOne: Static AI – Malicious PE
GData: IL:Trojan.MSILMamut.1618
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.C5122823
McAfee: Artemis!E1FB2A31BE6C
MAX: malware (ai score=86)
VBA32: Backdoor.MSIL.SpyGate
Malwarebytes: Malware.AI.4146622493
Fortinet: PossibleThreat
BitDefenderTheta: Gen:NN.ZemsilF.34666.@t0@aOPdKC
AVG: Win32:CoinminerX-gen [Trj]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.4146622493?

Malware.AI.4146622493 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
