Should I remove “Malware.AI.4177440787”?

Malware Removal

Malware.AI.4177440787 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4177440787 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Starts servers listening on 127.0.0.1:0, 0.0.0.0:10, 0.0.0.0:21, 0.0.0.0:22, 0.0.0.0:80, 0.0.0.0:81, 0.0.0.0:136, 0.0.0.0:411, 0.0.0.0:412, 0.0.0.0:666, 0.0.0.0:1433, 0.0.0.0:1434, 0.0.0.0:2012, 0.0.0.0:2013, 0.0.0.0:3306, 0.0.0.0:3307, 0.0.0.0:3308, 0.0.0.0:3309
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.4177440787?

File Info:

name: 4C9E0EDC34BA1389D8B4.mlw
path: /opt/CAPEv2/storage/binaries/cddee6736c691b4f9a1d8515cf28fab15ae3548dd52b873bbfd9a5b286b53a45
crc32: 8A8BB5D6
md5: 4c9e0edc34ba1389d8b40a30cd184f44
sha1: 4c8cc303495366eef6d7f54d93162a2fe60f2a7f
sha256: cddee6736c691b4f9a1d8515cf28fab15ae3548dd52b873bbfd9a5b286b53a45
sha512: e2cabc0fcb17d99c5059a5e7ee63854beb4c5b2d0ef3eeb82c660fe2f39ec886e194cc4b0aef3bc684bda1dddb2e4559b33b4dd7b4cd5b2e7c9e5f24a3c10cda
ssdeep: 768:zfJ2ZUsAZSYKnP5vbhpSqSaXRwqWbN1qIs7gZdy2JgmKr3JhrI7zYcCeH:zfi6ZInhOqS4Rgc7AdXJor3IJH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T131133A0523D88737C6BE8B391862021546F1AE029912EF2E7DD870EE5DF77504F22BA7
sha3_384: 44e75c0f2eb544ea4bf170e5e3fb8d8b4ee513e82ad69cdee3f8b2f2663509c80110cdc3c5c963414132809b8a3566d1
ep_bytes: ff250020400000000000000000000000
timestamp: 2009-03-08 00:24:14

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 1.0.0.0
InternalName: W3bPr0xy Tr0j4n.exe
LegalCopyright: Copyright © 2009
OriginalFilename: W3bPr0xy Tr0j4n.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4177440787 also known as:

Lionic: Trojan.MSIL.Agent.8!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Razy.713681
ALYac: Gen:Variant.Razy.713681
Cylance: Unsafe
Sangfor: Trojan.MSIL.Agent.k
K7AntiVirus: Trojan ( 0055e3e71 )
Alibaba: TrojanClicker:MSIL/Click.5f8232b1
K7GW: Trojan ( 0055e3e71 )
Cybereason: malicious.c34ba1
ESET-NOD32: MSIL/Agent.NAI
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Clicker.MSIL.Agent.k
BitDefender: Gen:Variant.Razy.713681
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.114d9958
Ad-Aware: Gen:Variant.Razy.713681
Emsisoft: Gen:Variant.Razy.713681 (B)
DrWeb: Trojan.DownLoader12.55940
McAfee-GW-Edition: Artemis
FireEye: Generic.mg.4c9e0edc34ba1389
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Razy.713681
Avira: TR/Click.MSIL.Agent.k
Kingsoft: Win32.Troj.AdClicker.(kcloud)
Arcabit: Trojan.Razy.DAE3D1
ViRobot: Trojan.Win32.Z.Razy.41823
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.RL_Agent.C4195691
McAfee: Artemis!4C9E0EDC34BA
MAX: malware (ai score=85)
VBA32: TrojanClicker.MSIL.Agent
Malwarebytes: Malware.AI.4177440787
Yandex: Trojan.CL.Agent!5hE1DjzjPgA
Ikarus: Trojan.MSIL.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Generic.DN.11AA31!tr
BitDefenderTheta: Gen:NN.ZemsilF.34712.cq1@aCAaX7o
AVG: Win32:Trojan-gen
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.4177440787?

Malware.AI.4177440787 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.