
Malware.AI.4153492442 (file analysis)

Malware Removal

Malware.AI.4153492442 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4153492442 virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4153492442?


File Info:

name: A19452FC78AE4839BEA6.mlw
path: /opt/CAPEv2/storage/binaries/aec512e4bc26e6627ab1efeac931dc4327acb43f232db354b7e445f86c92908d
crc32: DB2711A1
md5: a19452fc78ae4839bea6bc4f95b3f92a
sha1: da68f4d91152cb1d7a1ee2ce86ce3e98a08427db
sha256: aec512e4bc26e6627ab1efeac931dc4327acb43f232db354b7e445f86c92908d
sha512: b3910b088bba496c62ee854dde5de7704d0e9396990a7090bc32889e1baefc70c8cb420d8ab41c6c0e79ae4cc2b2a2f0c15bd8aed887fa21083966c20c931ebe
ssdeep: 6144:lDKW1Lgbdl0TBBvjc/92ya7Crc0++Uybv:dh1Lk70Tnvjc1Ecc0++Ue
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11FB4B08F2B149073C9B1A67CC69A87B14F94AFD18D159DC63379FE880F35692A0390F9
sha3_384: dee17739fe2075717dc84b4f36ff7d058230eaafd25bb8188ca992246460a034efe9de0d588021437764f06783f60589
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
Comments: This service enables mobile applications to communicate with TheraOffice.
CompanyName: Hands On Technology Inc.
FileDescription: TheraOffice Mobile Application Server
FileVersion: 14.1.0.6
InternalName: TheraOffice Mobile Application Server.exe
LegalCopyright: Copyright © 2013
LegalTrademarks:
OriginalFilename: TheraOffice Mobile Application Server.exe
ProductName: TheraOffice
ProductVersion: 14.1.0.6
Assembly Version: 14.1.0.6

Malware.AI.4153492442 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.myc9
Cynet: Malicious (score: 100)
FireEye: Generic.mg.a19452fc78ae4839
Cylance: unsafe
Zillya: Adware.BrowseFox.Win32.292479
Sangfor: Trojan.Win32.Save.a
Alibaba: TrojanSpy:MSIL/KeyLogger.483d6d74
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Kaspersky: VHO:Backdoor.MSIL.Bladabindi.gen
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Malicious PE
Antiy-AVL: Trojan[Backdoor]/MSIL.Bladabindi
Kingsoft: malware.kb.a.996
Google: Detected
VBA32: TrojanSpy.MSIL.Keylogger
Malwarebytes: Malware.AI.4153492442
TrendMicro-HouseCall: TROJ_GEN.R002V01K623
Rising: Trojan.Generic@AI.99 (RDML:dNaSHUHV9/yFSHgm2d+1Mg)
Ikarus: Trojan.MSIL.Crypt
MaxSecure: Trojan.Malware.300983.susgen
DeepInstinct: MALICIOUS

How to remove Malware.AI.4153492442?

Malware.AI.4153492442 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
