Malware.AI.4160409711 information

Malware Removal

Malware.AI.4160409711 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4160409711 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • NtSetInformationThread: attempt to hide thread from debugger
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Sniffs keystrokes
  • Installs a hook procedure to monitor for mouse events
  • Installs itself for autorun at Windows startup
  • CAPE detected the BitRAT malware family
  • Creates a copy of itself

How to identify Malware.AI.4160409711?


File Info:

name: 430ADA4BC014EFDE2360.mlw
path: /opt/CAPEv2/storage/binaries/d209db5ea5b4050169450cef038d7400b43876bc9c7ae074cb26167ed6d18a17
crc32: 056A1095
md5: 430ada4bc014efde236039a7aad417ab
sha1: a41674350bb9e19e4c92244111c6817f915277fe
sha256: d209db5ea5b4050169450cef038d7400b43876bc9c7ae074cb26167ed6d18a17
sha512: 7148793a22f640e6ada3b9c71e5816911ec8f7dea36e82f1aef6c6c80367a7a3138d20d598f59990f93108219592a2804759016363ed58d284c2273d764353cf
ssdeep: 24576:/b4EBURvi1bT8xleZUaEvYoZ5PBYl4c94wtfUC396NmrAkAbOsNY0o4o:/bzBVGeKp3Y4gN96NmEHbOSY0y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1356533DDAE6CD878F5C41FB0420AE720845D26744B9AFF649B7EE5430ABE29063C5B43
sha3_384: 1e472357523e9f8fb637ac0f8ae07eb784aac52ed2b71285f6aadce57f608d28433289f5b25d9ded71341a6b9cf1cc78
ep_bytes: 60be001067008dbe0000d9ffc787c4d8
timestamp: 2021-02-04 21:32:01

Version Info:

0: [No Data]

Malware.AI.4160409711 also known as:

Lionic: Trojan.Win32.Solmyr.l!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen11.61841
MicroWorld-eScan: Gen:Variant.Graftor.833606
FireEye: Generic.mg.430ada4bc014efde
ALYac: Gen:Variant.Graftor.833606
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.1837670
Sangfor: Trojan.Win32.Agent.ACBZ
K7AntiVirus: Trojan ( 00569be91 )
Alibaba: Trojan:Win32/Starter.ali2000005
K7GW: Trojan ( 00569be91 )
Cybereason: malicious.bc014e
BitDefenderTheta: AI:Packer.B520ACEC1E
Cyren: W32/Injector.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Agent.ACBZ
TrendMicro-HouseCall: TROJ_GEN.R002C0DK921
Paloalto: generic.ml
ClamAV: Win.Malware.Mikey-9819889-0
Kaspersky: HEUR:Trojan-Spy.Win32.Solmyr.vho
BitDefender: Gen:Variant.Graftor.833606
NANO-Antivirus: Trojan.Win32.Solmyr.ijixwm
Avast: Win32:RATX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10ce3910
Emsisoft: Gen:Variant.Graftor.833606 (B)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0DK921
McAfee-GW-Edition: BehavesLike.Win32.Trickbot.tc
SentinelOne: Static AI – Malicious PE
Sophos: ML/PE-A
Ikarus: Trojan.MalPack
Jiangmin: TrojanSpy.Solmyr.av
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.3141CCA
Microsoft: Backdoor:Win32/ParalaxRat.STD
GData: Win32.Trojan.PSE.4GFHR0
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.Reputation.C4261324
McAfee: GenericRXAA-AA!430ADA4BC014
VBA32: TrojanSpy.Solmyr
Malwarebytes: Malware.AI.4160409711
APEX: Malicious
Rising: Backdoor.BitRAT!1.CD8B (CLOUD)
Yandex: Trojan.Agent!5cmSzHsoubs
MAX: malware (ai score=87)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.ACBZ!tr
AVG: Win32:RATX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.4160409711?

Malware.AI.4160409711 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
