Malware.AI.4172779417 removal tips

Malware.AI.4172779417 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4172779417 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • A script or command line contains a long continuous string indicative of obfuscation
  • Attempts to execute suspicious powershell command arguments

How to identify Malware.AI.4172779417?


File Info:

name: CA00F660D4C7E0235655.mlw
path: /opt/CAPEv2/storage/binaries/13b9568e887c0330b229629d6311385b4a06c86394201c15ee747283f59e64c4
crc32: 86BB8E73
md5: ca00f660d4c7e0235655e86f3739434c
sha1: 20d5a31f0406b2f5596ce28d83db3a291f9585b9
sha256: 13b9568e887c0330b229629d6311385b4a06c86394201c15ee747283f59e64c4
sha512: 604f1e47942a48d78a2fc4f8e3696e9bc0f1aac77209a9d0abec5dabaea97326c5d8f268e65abb2540d794c5b9eaa45a6b2f70d9ccaa57a07cbe56dbd815e49e
ssdeep: 12288:CA9GiAk+Ys2cczWwvXb86zVYNydyMUUQ3Az+3RqyRmdnrSZ:CAgRRYr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T157F4E75219CAA0D2F46274B53571B72B1E7BB83B6AC4CEF2036C57509F6E4122297F0E
sha3_384: 6ea4aca2e007c6734ff84d16fcf101876a6561e2dd4b3afaca477486764804173ad5dfd6bda9099cf661b730de787044
ep_bytes: 558bec6aff685872410068b0fb400064
timestamp: 2022-03-10 03:09:34

Version Info:

0: [No Data]

Malware.AI.4172779417 also known as:

Bkav: W32.AIDetect.malware1
MicroWorld-eScan: Gen:Variant.Graftor.702799
FireEye: Generic.mg.ca00f660d4c7e023
McAfee: GenericRXFT-BU!CA00F660D4C7
Cylance: Unsafe
Sangfor: [ARMADILLO V1.71]
K7AntiVirus: Trojan ( 004bcce41 )
BitDefender: Gen:Variant.Graftor.702799
K7GW: Trojan ( 004bcce41 )
Cybereason: malicious.0d4c7e
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX: Malicious
ClamAV: Win.Dropper.Tiggre-9845940-0
Kaspersky: HEUR:Trojan.Win32.Generic
Rising: Trojan.Generic@AI.94 (RDMK:cmRtazo7pmWLZN0xe7d2XOT5pWhO)
Ad-Aware: Gen:Variant.Graftor.702799
Sophos: ML/PE-A
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.Siggen17.24305
McAfee-GW-Edition: BehavesLike.Win32.Generic.bt
Emsisoft: Gen:Variant.Graftor.702799 (B)
Ikarus: Trojan.Win32.Injector
GData: Win32.Trojan.PSE.11N2JTZ
Avira: TR/Crypt.ULPM.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZexaF.34638.TmW@a8I1Rdn
ALYac: Gen:Variant.Graftor.702799
MAX: malware (ai score=89)
VBA32: BScope.Trojan.Scar
Malwarebytes: Malware.AI.4172779417
Panda: Trj/GdSda.A
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/CoinMiner.WP!tr
AVG: Win32:dUmPeX [Susp]
Avast: Win32:dUmPeX [Susp]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.4172779417?

Malware.AI.4172779417 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
