Malware.AI.4175046890 malicious file

The Malware.AI.4175046890 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4175046890 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.4175046890?


File Info:
name: 4BB49410985598A432F4.mlw
path: /opt/CAPEv2/storage/binaries/df748d347ecb4c19cdec98a73877f002fe85e6a35b2724fbcba62c148f91b3b8
crc32: 72A62D9F
md5: 4bb49410985598a432f423432e965adf
sha1: d18cca459972afdd7b9a248a984996e64569bf0d
sha256: df748d347ecb4c19cdec98a73877f002fe85e6a35b2724fbcba62c148f91b3b8
sha512: 4c6211b448c8657408e0a553d43734d3b6f745baf93f16831aad8566ce62ada5d74fe0537b0215ef3ee616bb14aa71be953e0bdbc5eb700c543074d7d7d841a7
ssdeep: 3072:Oyv3uRg8ItkRUWg9LvVe/mC5Ol8dSyqH1Ml:OxgxP9WZqK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16BC41302A9054585C81D8A743C3D6E3766EB6F6CDE3CB1C6DF25FE8298B3C9D10582E9
sha3_384: fff866926e4f8f69b794ab7194df9eae5415518cb3f7a68722afbcd986aeb93ea58052ca761f522d0811c7c19269dd3b
ep_bytes: 68c41d4000e8f0ffffff000040000000
timestamp: 2010-10-14 17:02:48

Version Info:
0: [No Data]

Malware.AI.4175046890 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.QQShou.i!c
tehtris	Generic.Malware
DrWeb	Trojan.PWS.Qqshou.756
MicroWorld-eScan	Gen:Variant.Bulz.602808
FireEye	Generic.mg.4bb49410985598a4
McAfee	RDN/Generic PWS.y
Cylance	Unsafe
Sangfor	[MICROSOFT VISUAL BASIC V6.0]
K7AntiVirus	Trojan ( 004bcce41 )
K7GW	Trojan ( 004bcce41 )
Cybereason	malicious.098559
Arcabit	Trojan.Bulz.D932B8
BitDefenderTheta	AI:Packer.7EC17C0721
Cyren	W32/VBcrypt.I.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
ClamAV	Win.Malware.Qqshou-9886603-0
Kaspersky	Trojan-PSW.Win32.QQShou.pjr
BitDefender	Gen:Variant.Bulz.602808
NANO-Antivirus	Trojan.Win32.QQShou.uykub
Avast	Win32:Malware-gen
Tencent	Win32.Trojan-qqpass.Qqrob.Pgdg
Ad-Aware	Gen:Variant.Bulz.602808
Emsisoft	Gen:Variant.Bulz.602808 (B)
Comodo	Packed.Win32.MUPX.Gen@24tbus
Zillya	Trojan.QQShou.Win32.1102
McAfee-GW-Edition	RDN/Generic PWS.y
Sophos	Mal/Generic-S
Ikarus	Trojan-Clicker.Win32.VB
Jiangmin	Trojan.Generic.ybea
Webroot	W32.Malware.Heur
Avira	TR/Dropper.Gen
Kingsoft	Win32.PSWTroj.QQShou.a.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
ViRobot	Trojan.Win32.A.PSW-QQShou.566784.B
GData	Gen:Variant.Bulz.602808
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.QQShou.R490434
ALYac	Gen:Variant.Bulz.602808
MAX	malware (ai score=82)
Malwarebytes	Malware.AI.4175046890
APEX	Malicious
Rising	Trojan.Win32.Generic.12C8FCF0 (C64:YzY0Ogm58DiERo1B)
Yandex	Trojan.PWS.QQShou!taihoMqW840
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/VB.NII!tr
AVG	Win32:Malware-gen
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.4175046890?

Malware.AI.4175046890 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X