Malware.AI.4159514790 (file analysis)

The Malware.AI.4159514790 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4159514790 virus can do?

Behavioural detection: Executable code extraction – unpacking
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.4159514790?


File Info:
name: D637A11FF8D0AEE35280.mlw
path: /opt/CAPEv2/storage/binaries/e4202d09abe535b4ee69b18b809933e2c480819ef3563bff7d998e4cf9bc56bd
crc32: 3D6CBA4C
md5: d637a11ff8d0aee35280a1444a20e908
sha1: 914d749acbd4499f7f4219a2be795356d59c8b75
sha256: e4202d09abe535b4ee69b18b809933e2c480819ef3563bff7d998e4cf9bc56bd
sha512: 2e95c96e86a8428b61ab19d0898b8e7c4127cd0fb4e161f252982f6e2e8c8fcc92b953bb24ec075f30cd15f4dda03e87f50287c14044b8bc1a163bc5e46e7c97
ssdeep: 1536:gfjA0oCMDY2cGubCjop0Bx4DB5Wblv+Dgv9K7:g32A0BSDB5Wblv+EvM7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FCA3C733BA84A06AF1A289B17C24E55A38363E350950DC1FF7859F592472AD3B9F131F
sha3_384: 2f99a9f02423e577b0d409c087fef0218971177625cd9ee8ef7d998b7aa4e002bc57a2b00cec42fe689e229e6bb01dcc
ep_bytes: 6858364000e8f0ffffff000000000000
timestamp: 2010-02-22 17:16:05

Version Info:
Translation: 0x0409 0x04b0
ProductName: Microsoft Windows Operating System
FileVersion: 6.01
ProductVersion: 6.01
InternalName: system
OriginalFilename: system.exe

Malware.AI.4159514790 also known as:

Lionic	Trojan.Win32.Dycler.b!c
Elastic	malicious (high confidence)
MicroWorld-eScan	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
FireEye	Generic.mg.d637a11ff8d0aee3
ALYac	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
Cylance	Unsafe
Zillya	Dropper.Dycler.Win32.1833
K7AntiVirus	P2PWorm ( 0055e3ea1 )
Alibaba	TrojanDropper:Win32/Dycler.7fd7f4e1
K7GW	P2PWorm ( 0055e3ea1 )
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/VB.NXF
APEX	Malicious
Kaspersky	Trojan-Dropper.Win32.Dycler.viz
BitDefender	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
Avast	Win32:Malware-gen
Tencent	Win32.Trojan-dropper.Dycler.Wpsx
Ad-Aware	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
Sophos	Mal/Generic-R + Mal/VBbl-PP
DrWeb	Trojan.MulDrop3.49536
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0PL421
McAfee-GW-Edition	BehavesLike.Win32.VBObfus.cm
Emsisoft	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA (B)
Ikarus	Worm.Win32.VB
GData	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
Jiangmin	TrojanDropper.Dycler.qa
Avira	TR/Dropper.Gen
MAX	malware (ai score=81)
Antiy-AVL	Trojan/Win32.AGeneric
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	DeepScan:Generic.Malware.FPYVdPk!.9BD72DBA
Microsoft	Trojan:Win32/Woreflint.A!cl
Cynet	Malicious (score: 100)
McAfee	GenericRXFM-SL!D637A11FF8D0
VBA32	TrojanDropper.Dycler
Malwarebytes	Malware.AI.4159514790
TrendMicro-HouseCall	TROJ_GEN.R002C0PL421
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
BitDefenderTheta	Gen:NN.ZevbaF.34062.gm0@au2MEeni
AVG	Win32:Malware-gen
Cybereason	malicious.ff8d0a
Panda	Trj/CI.A

How to remove Malware.AI.4159514790?

Malware.AI.4159514790 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X