Malware

Malware.AI.4180012491 (file analysis)

Malware Removal

The Malware.AI.4180012491 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.4180012491 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Network activity detected but not expressed in API logs

How to determine Malware.AI.4180012491?



File Info:

crc32: 67E26BCF
md5: 506eb8d9d1fb15cff43346df8641592d
name: 506EB8D9D1FB15CFF43346DF8641592D.mlw
sha1: 146aa16a01d223e82ba9de926bb02766be17f055
sha256: 0562e8fda1bba15c3cf5ad66ceb79599e157a0fc5abbd0b1c59342a0ed352cdb
sha512: fc2cda067da606ba400ac8eb10ab71220baffb92dd2bf8b6b3d0304516a7a65c2ee68d189d70c3e0f9731a1c98cfa6c6dc961be92fafaa082533420ff4dff03d
ssdeep: 24576:X+WJpneD76Vx6ZsXsAJxa/J82pw6BCJdJRbV3N31HgI4XPJmNhtSimL9Z+2kibhd:OqeAgZs8Ixax822OYRTs8mLD+olVb
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright:                                                                                                     
FileVersion:                     
CompanyName: Tof                                                         
Comments: This installation was built with Inno Setup.
ProductName: Pamudog                                                     
ProductVersion: 3.3                 
FileDescription: Pamudog Setup                                               
Translation: 0x0000 0x04b0

Malware.AI.4180012491 also known as:

LionicAdware.Win32.DealPly.2!c
ALYacApplication.DealAgent.CRE
CylanceUnsafe
SangforAdware.Win32.DealPly.dkadw
CrowdStrikewin/malicious_confidence_100% (D)
AlibabaAdWare:Win32/InstallCore.752a152b
Cybereasonmalicious.9d1fb1
SymantecTrojan.Gen.MBT
ESET-NOD32Win32/InstallCore.Gen.A potentially unwanted
AvastFileRepMetagen [PUP]
Kasperskynot-a-virus:AdWare.Win32.DealPly.dkadw
BitDefenderApplication.DealAgent.CRE
NANO-AntivirusVirus.InnoSetup.Gen.ccng
MicroWorld-eScanApplication.DealAgent.CRE
Ad-AwareApplication.DealAgent.CRE
SophosInnoMod (PUA)
ComodoApplicUnwnt@#18psfhmldmbzk
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionArtemis
FireEyeApplication.DealAgent.CRE
EmsisoftApplication.DealAgent.CRE (B)
SentinelOneStatic AI – Suspicious PE
JiangminAdWare.DealPly.mnvn
WebrootW32.Adware.Gen
MicrosoftTrojan:Win32/Wacatac.A!ml
GDataWin32.Application.InstallCore.LX
McAfeeArtemis!506EB8D9D1FB
MAXmalware (ai score=94)
VBA32Malware-Cryptor.2LA.gen
MalwarebytesMalware.AI.4180012491
PandaTrj/CI.A
RisingAdware.InstallCore!1.AB2C (CLASSIC)
YandexPUA.DealPly!Mhx8e1mJUgU
FortinetAdware/DealPly
AVGFileRepMetagen [PUP]

How to remove Malware.AI.4180012491?

Malware.AI.4180012491 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment