Malware

Malware.AI.4153491082 removal guide

Malware Removal

The Malware.AI.4153491082 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.4153491082 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine Malware.AI.4153491082?



File Info:

name: 6827F7CA6FB3DF6B7F82.mlw
path: /opt/CAPEv2/storage/binaries/2ed68d8e0b3bc6c13934c73a03413650a3af9f74a0123ec5df648813de6ff849
crc32: EB6A23EB
md5: 6827f7ca6fb3df6b7f828b2a13335351
sha1: a241fb5c2cf69a93a9a94c26ed58f3cad804e1c3
sha256: 2ed68d8e0b3bc6c13934c73a03413650a3af9f74a0123ec5df648813de6ff849
sha512: 88872139bacc5f99c9339006960ebb642442bc9ac98d915df9fcf9a7b4fcae406133cf287c43b359143abee4929e3fccdbe0527be8cf6b0891818dd1b430e71f
ssdeep: 49152:39f0RIglO1CuL9VNcaCd9kxBp+F3pLqL0kj80fGncuBzMO0s:39f6MpCWBp+F3pLqL0k7fPuBz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B7D58D2272908927D47A57B58E62D2B483F4FC05BA15D50D7EF03E6E6EBD281EE03352
sha3_384: 1ef99c288f006553dcf0a2eede103512848ff41dc91271a7125e0e1733dbc6afb5719d2d144e48c1622cd86f88a22ca4
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-09-13 00:10:31


Version Info:

Translation: 0x0000 0x04b0
Comments: Created By Gaith The Wolf
CompanyName: Wolf Hacker
FileDescription: WOLF RAT
FileVersion: 2.1.0.0
InternalName: WOLF RAT V2.1.exe
LegalCopyright: Copyright © WOLF_HACKER 2013
LegalTrademarks: Wolf RAT
OriginalFilename: WOLF RAT V2.1.exe
ProductName: Wolf RAT For Hacker
ProductVersion: 2.1.0.0
Assembly Version: 2.1.0.0

Malware.AI.4153491082 also known as:

Elasticmalicious (high confidence)
DrWebBackDoor.SpyBotNET.21
MicroWorld-eScanGen:Variant.Bulz.455129
FireEyeGeneric.mg.6827f7ca6fb3df6b
ALYacGen:Variant.Bulz.455129
CylanceUnsafe
ZillyaTrojan.Agent.Win32.553183
SangforBackdoor.MSIL.SpyGate.gen
AlibabaBackdoor:MSIL/SpyGate.d4859e6f
Cybereasonmalicious.a6fb3d
BitDefenderThetaGen:NN.ZemsilF.34062.Ps0@aqngpOo
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/Spy.Agent.CT
TrendMicro-HouseCallHKTL_RATYWOLF
Paloaltogeneric.ml
ClamAVWin.Malware.Shutdown-9833530-0
KasperskyHEUR:Backdoor.MSIL.SpyGate.gen
BitDefenderGen:Variant.Bulz.455129
NANO-AntivirusTrojan.Win32.Keylogger.epoyqp
AvastFileRepMetagen [DRP]
TencentMsil.Backdoor.Spygate.Wnml
Ad-AwareGen:Variant.Bulz.455129
SophosMal/Agent-ASP
ComodoMalware@#2bies9z890sgg
VIPRETrojan.Win32.Generic!BT
TrendMicroHKTL_RATYWOLF
McAfee-GW-EditionArtemis!Trojan
EmsisoftGen:Variant.Bulz.455129 (B)
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.Bulz.455129
JiangminBackdoor.MSIL.dkiw
MaxSecureTrojan.Malware.300983.susgen
AviraHEUR/AGEN.1204164
MAXmalware (ai score=100)
Antiy-AVLTrojan/Generic.ASMalwS.1A9F2A4
KingsoftWin32.Troj.Generic_a.a.(kcloud)
ArcabitTrojan.Bulz.D6F1D9
MicrosoftTrojan:Win32/Occamy.C2E
CynetMalicious (score: 99)
McAfeeArtemis!6827F7CA6FB3
MalwarebytesMalware.AI.4153491082
APEXMalicious
YandexTrojanSpy.Keylogger!21GZR9AUZhA
IkarusTrojan-PWS.MSIL
FortinetMSIL/Agent.CT!tr.spy
WebrootW32.Malware.Heur
AVGFileRepMetagen [DRP]
PandaTrj/CI.A

How to remove Malware.AI.4153491082?

Malware.AI.4153491082 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment