What is “Malware.AI.4185541474”?

Malware.AI.4185541474 is the Malwarebytes detection name for this sample (see the vendor list below); other engines mostly classify it as a generic trojan, an injector, or riskware. When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Malware.AI.4185541474 virus do?

Behaviours flagged by the CAPE sandbox when this sample was run:
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Checks for the presence of known windows from debuggers and forensic tools

How to identify Malware.AI.4185541474?

File Info:

name: B9CDD9BA6C75C7B7785A.mlw
path: /opt/CAPEv2/storage/binaries/f2b029a26f700a0790cffabee677c59f9d7099341bbb1219f556960d8a9fe530
crc32: 9AC75B76
md5: b9cdd9ba6c75c7b7785aaf4e1d9b315f
sha1: faaca26edc72fb90fd602d09f8830c8f7ec02c31
sha256: f2b029a26f700a0790cffabee677c59f9d7099341bbb1219f556960d8a9fe530
sha512: ed5a1cfad9cf57e91ae576141a10737241dbcaa4904a6c0389e73d83dfb1b56b96bc49903fefcd7432fecb600b2b7ea32843953668a222b0f35388ad7ed33f36
ssdeep: 98304:GKCCniwoOtoX0cIOr8FNaGWqTuF6zcDWAJ85DrCsoL6UBClDidQ2WXQ20+joFhbc:rS6Or8/5FuF6SWT5DrW1M4lhb+sIoDCB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T171560245EB4B44B6DC7339744493DFFB12223E06C028AD2EEA1976F2CFB2EB19416915
sha3_384: 18df90028415182ec606f4613afcc72a7b7bcd9e2e53e5ac9a8a4abf966320d6327e35bcf1f250d5eaa2fa675fd832ea
ep_bytes: 83ec1cc7042402000000ff1534034900
timestamp: 2013-08-27 22:35:37
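
The identifiers above are what you would compare a suspicious file against. The following Python script is an added example, not code from the page or from GridinSoft: it computes the same whole-file digests (md5, sha1, sha256, crc32) and parses the PE headers directly, without a pefile dependency, to recover the COFF timestamp and the 16 entry-point bytes, then reports which of the page's identifiers a file matches. It assumes the page's timestamp is UTC, and it runs against a constructed minimal PE32 built inside the script (not the real sample), so the entry-point bytes and timestamp match while the file hashes do not, which is what a repacked or patched variant of the same code looks like. ssdeep and tlsh are not computed here because they need external libraries.

```python
import datetime
import hashlib
import struct
import zlib

# Identifiers published on the page for this sample (File Info section).
# Assumption: the page's timestamp is UTC, which is how CAPE reports it.
PAGE_IOC = {
    "md5": "b9cdd9ba6c75c7b7785aaf4e1d9b315f",
    "sha1": "faaca26edc72fb90fd602d09f8830c8f7ec02c31",
    "sha256": "f2b029a26f700a0790cffabee677c59f9d7099341bbb1219f556960d8a9fe530",
    "crc32": "9AC75B76",
    "ep_bytes": "83ec1cc7042402000000ff1534034900",
    "timestamp": "2013-08-27 22:35:37",
}
UTC = datetime.timezone.utc


def file_hashes(data: bytes) -> dict:
    """Whole-file digests in the same formats the page uses."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF),
    }


def pe_entry_info(data: bytes) -> dict:
    """Parse just enough PE32 structure to recover the COFF TimeDateStamp and
    the first 16 bytes at AddressOfEntryPoint (the page's ep_bytes)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsect, tstamp, _, _, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header")
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections = opt + opt_size
    for i in range(nsect):
        # Section header: Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
        _name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sections + 40 * i)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (ep_rva - vaddr)  # RVA -> file offset
            return {
                "timestamp": datetime.datetime.fromtimestamp(tstamp, tz=UTC).strftime("%Y-%m-%d %H:%M:%S"),
                "ep_bytes": data[off:off + 16].hex(),
            }
    raise ValueError("entry point is not inside any section")


def match_iocs(data: bytes) -> dict:
    """Return, per page identifier, whether the given file matches it."""
    observed = {**file_hashes(data), **pe_entry_info(data)}
    return {key: observed.get(key) == value for key, value in PAGE_IOC.items()}


def build_sample_pe(ep_bytes: bytes, timestamp: int) -> bytes:
    """Constructed stand-in: a minimal, non-runnable PE32 with one .text
    section whose entry point holds ep_bytes. This is NOT the page's sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                     # AddressOfEntryPoint
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text).ljust(0x200, b"\0")
    return headers + ep_bytes.ljust(0x200, b"\0")


def demo() -> dict:
    """Compare the constructed stand-in against the page's identifiers."""
    ts = int(datetime.datetime(2013, 8, 27, 22, 35, 37, tzinfo=UTC).timestamp())
    sample = build_sample_pe(bytes.fromhex(PAGE_IOC["ep_bytes"]), ts)
    return match_iocs(sample)


if __name__ == "__main__":
    for key, hit in demo().items():
        print(f"{key:9} {'match' if hit else 'no match'}")
```

To check a real file, call `match_iocs(open(path, "rb").read())`. The point of reporting structural fields next to the digests is that exact hashes break on any byte change, whereas the entry-point bytes and link timestamp usually survive a re-sign, a resource edit, or an appended overlay, so they are worth keeping alongside the hashes when you hunt for variants.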

Version Info:

FileVersion: 3.1.0.0
Comments: This tool is used to patch mbot's "Not logged in" error when NoEX's Website is down (the one who cracked the mbot)
FileDescription: by Daryll - Dedicated to QueenSRO FUN Server
ProductVersion: 3.3.8.1
LegalCopyright: Daryll
Translation: 0x0809 0x04b0

Malware.AI.4185541474 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Riskware.Win32.Inject.1!c
MicroWorld-eScan: Gen:Variant.Strictor.148663
FireEye: Generic.mg.b9cdd9ba6c75c7b7
CAT-QuickHeal: Trojan.Skeeyah.11549
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Riskware.Win32.Inject.nl
K7AntiVirus: Trojan ( 00490ab91 )
BitDefender: Gen:Variant.Strictor.148663
K7GW: Trojan ( 00490ab91 )
Cybereason: malicious.a6c75c
VirIT: Trojan.Win32.Generic.RFB
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/Injector.ASME
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Graftor-5540
Kaspersky: not-a-virus:RiskTool.Win32.Inject.nl
Alibaba: RiskWare:Win32/Inject.dd4ce03a
NANO-Antivirus: Trojan.Win32.Dwn.cqidzc
Rising: Trojan.Dynamer!8.3A0 (CLOUD)
Ad-Aware: Gen:Variant.Strictor.148663
Sophos: Mal/Generic-S
Comodo: Malware@#2xiqdfmu01kmp
Zillya: Trojan.Inject.Win32.74200
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Emsisoft: Gen:Variant.Strictor.148663 (B)
Jiangmin: Trojan/Inject.atfb
Webroot: W32.Malware.Gen
Avira: TR/Dropper.Gen7
MAX: malware (ai score=100)
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft: Ransom.Win32.Skeeyah.sa
GData: Gen:Variant.Strictor.148663
Cynet: Malicious (score: 99)
BitDefenderTheta: Gen:NN.ZexaF.34212.@N3@aq!TC0oi
ALYac: Gen:Variant.Strictor.148663
VBA32: Trojan.Inject
Malwarebytes: Malware.AI.4185541474
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DLT21
Tencent: Malware.Win32.Gencirc.10b45068
Yandex: Trojan.GenAsa!6lAD4b3nhj8
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Injector.ASME!tr
AVG: Win32:Injector-COG [Trj]
Avast: Win32:Injector-COG [Trj]

How to remove Malware.AI.4185541474?

Malware.AI.4185541474 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
