Malware.AI.4161060839 malicious file

Malware.AI.4161060839 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Malware.AI.4161060839 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4161060839?

File Info:

name: 5ACD8051035409324FAB.mlw
path: /opt/CAPEv2/storage/binaries/1b17c6306f3dd6ddaee59be34899cd5e4520cb6796935ec9ebe159b13a063b84
crc32: 5FAA454E
md5: 5acd8051035409324fab5f7db43a51ed
sha1: 7923d78af4e54c32ddbea1f0797fe3d349b84448
sha256: 1b17c6306f3dd6ddaee59be34899cd5e4520cb6796935ec9ebe159b13a063b84
sha512: 0c0acd554b3a9facb5b7d4e25f0880ac227b5da0e8a4ce33a6607894fb42f3525f121f0748b435f01cdaab0945a9c781620fd5bb2528c8dc12d2f3ba401e1aeb
ssdeep: 192:/T7daWohiDmeqYZMmv+wzv6X/SNpq7JPVXEjYG:/T7uXYZMw+9vSryVXEjb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T117226C45F2B4D49AE8620A735D3ACFBAA5677C200E1AD78B7554FFAF3CB0104958CE90
sha3_384: 45e0ebad6c94a17d175c71fc0d310e439c28a7e3988b94fd5957ce3f5f9a76d4786d3d154fadea34b0ea09731f7c27ac
ep_bytes: 60be007040008dbe00a0ffff5783cdff
timestamp: 2010-08-30 05:59:12

Version Info:

Translation: 0x0804 0x04b0
CompanyName: ddd
ProductName: ddd
FileVersion: 1.00
ProductVersion: 1.00
InternalName: b
OriginalFilename: b.exe

Malware.AI.4161060839 also known as:

Bkav: W32.NumberNameHC.Fam.Worm
AVG: Win32:Malware-gen
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Razy.722268
FireEye: Generic.mg.5acd805103540932
Skyhigh: BehavesLike.Win32.Sality.lh
McAfee: GenericATG-FCNS!24E996954094
Malwarebytes: Malware.AI.4161060839
VIPRE: Gen:Variant.Razy.722268
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: P2PWorm ( 001911b31 )
K7GW: P2PWorm ( 001911b31 )
Cybereason: malicious.103540
BitDefenderTheta: Gen:NN.ZevbaF.36802.amLfaywWFupb
VirIT: Trojan.Win32.VB.AHHJ
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/VB.PHC
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Downloader.Buzy-7109017-0
Kaspersky: Trojan-Spy.Win32.Zbot.wqrb
BitDefender: Gen:Variant.Razy.722268
NANO-Antivirus: Trojan.Win32.DownLoad2.ebxqvs
Tencent: Malware.Win32.Gencirc.10b7597a
Emsisoft: Gen:Variant.Razy.722268 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoad2.35633
Zillya: Trojan.Zbot.Win32.207929
TrendMicro: TROJ_SMALL_00000c3.TOMA
Sophos: Mal/Mdrop-DS
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDownloader.VB.czwx
Varist: W32/VB_Troj.D.gen!Eldorado
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan[Downloader]/Win32.VB
Kingsoft: malware.kb.b.989
Microsoft: Trojan:Win32/Wacatac.B!ml
Xcitium: TrojWare.Win32.VB.aicx@4mwtzs
Arcabit: Trojan.Razy.DB055C
ViRobot: Trojan.Win32.A.Downloader.10271[UPX]
ZoneAlarm: Trojan-Spy.Win32.Zbot.wqrb
GData: Gen:Variant.Razy.722268
Google: Detected
AhnLab-V3: Win-Trojan/Agent.10260.B
VBA32: Trojan.VBRA.02702
ALYac: Gen:Variant.Razy.722268
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_SMALL_00000c3.TOMA
Rising: Trojan.DL.Win32.VBcode.aqb (CLASSIC)
Yandex: Trojan.GenAsa!IpfolWFCnhk
Ikarus: Trojan-Downloader.Win32.VB
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Klink.FN!tr.dldr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.4161060839?

Malware.AI.4161060839 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.