Malware.AI.4190422941 (file analysis)

The Malware.AI.4190422941 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4190422941 virus can do?

Drops a binary and executes it
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.4190422941?


File Info:
name: AFAA055E2289D17C3557.mlw
path: /opt/CAPEv2/storage/binaries/01934ea599de9ebe70277bb5134913458d9edbc9c269435c24635710951b78b0
crc32: D50FB33A
md5: afaa055e2289d17c35578aae0ea3fa41
sha1: af9c2eeb82c269e165333aa6a738c406566c82de
sha256: 01934ea599de9ebe70277bb5134913458d9edbc9c269435c24635710951b78b0
sha512: 6a946f50fa0edc768e4c0d8bf78406431411796b6c59a8ead1baa1483fafdac290501d8b1889d3cdd1a66849c0f31b74792ec883a73438d0b227f24968925ea4
ssdeep: 12288:7WYqnwTrEB888888888888W88888888888EyyLt/3Y6kmw5BFXvg0qrjoPtzeg:SYqwTYMfLt/Xmbo0qrjoPdeg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T183B4F102F3C30872F57A19B89865A154BC1BBA782FE0601BBCF8DD4F44BD2D25878D96
sha3_384: 17777b3fa67aed2337c4833841cbebe7273fa047f3a0d011ef3c9d6c720b52397846cde97d0ef9008777fe6ed11aaa50
ep_bytes: 558becb9080000006a006a004975f953
timestamp: 2013-10-31 10:13:11

Version Info:
CompanyName: IObit
FileDescription: Driver Backup Package
FileVersion: 1.1.0.0
InternalName: UpdateDB
LegalCopyright: Copyright© 2013 IObit. All Rights Reserved.
LegalTrademarks: IObit
OriginalFilename: SfxStub.exe
ProductName: Driver Booster
ProductVersion: 1.1.0.0
Comments: Driver Database Updater
Translation: 0x0409 0x04e4

Malware.AI.4190422941 also known as:

Bkav	W32.Common.CD9C8D87
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.39571755
CAT-QuickHeal	Trojan.GenericPMF.S4954728
Skyhigh	BehavesLike.Win32.Generic.hc
ALYac	Trojan.GenericKD.39571755
Malwarebytes	Malware.AI.4190422941
VIPRE	Trojan.GenericKD.39571755
Sangfor	Trojan.Win32.Save.a
BitDefender	Trojan.GenericKD.39571755
Cybereason	malicious.b82c26
BitDefenderTheta	AI:Packer.759C860817
Elastic	malicious (moderate confidence)
APEX	Malicious
ClamAV	Win.Dropper.Genericrxjd-9884871-0
Rising	Trojan.Generic@AI.100 (RDML:qUqIGxdhmcKZDT9ykvN8pQ)
Sophos	Generic Reputation PUA (PUA)
Trapmine	malicious.high.ml.score
FireEye	Trojan.GenericKD.39571755
Emsisoft	Trojan.GenericKD.39571755 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Packed.Dico.dxt
Google	Detected
Varist	W32/Jacard.A.gen!Eldorado
Antiy-AVL	Trojan/Win32.Ashify.j
Kingsoft	malware.kb.a.994
Arcabit	Trojan.Generic.D25BD12B
GData	Trojan.GenericKD.39571755
Cynet	Malicious (score: 100)
VBA32	Trojan.Wacatac
MAX	malware (ai score=82)
DeepInstinct	MALICIOUS
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CD823
Ikarus	Trojan.Yarwi
MaxSecure	Trojan.Malware.206067572.susgen
Fortinet	W32/Agent.YARW!tr

How to remove Malware.AI.4190422941?

Malware.AI.4190422941 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X