
Malware.AI.4192297788 information


Malware.AI.4192297788 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4192297788 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Loads a driver
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4192297788?

File Info:

name: 2FB695E21F7852E369D4.mlw
path: /opt/CAPEv2/storage/binaries/a1061d0dea75b6ff31c21722d854834bbf77eee21d266f653b5ffa491dcfa5ba
crc32: AA42507D
md5: 2fb695e21f7852e369d46d9269735fcd
sha1: 096a4092894c7e2a3dffedeb53636d8adfe43d28
sha256: a1061d0dea75b6ff31c21722d854834bbf77eee21d266f653b5ffa491dcfa5ba
sha512: 25f7804637456f9d0fe2e4a916bf3bb2882b384d09d850c984f7cb8d7eed4b2b986467190903a593680c96eece66054d41b482b55f4768aae064b98f08d799b1
ssdeep: 6144:F+dPM2WCzScl2g96Tdgn9VuuFKOCvC5FFLPVc+fQAB2IJHW:F+dPM2WBckk6Zgm7OCK5FjtZB2IJ2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12E54225FC05A1849DE6CE6BE8BC90F3FB3BA4B18074097BD2A44340678756B6D96B70C
sha3_384: b3f750de342374fd6d1ab4b02d93b7841f2c417b3646f460b1e558d2084420027b803be4b4a8e43d289339346e7cc7af
ep_bytes: 60be000042008dbe0010feff57eb0b90
timestamp: 1970-01-01 00:01:21

Version Info:

0: [No Data]

Malware.AI.4192297788 also known as:

Lionic: Trojan.Win32.Jorik.mA4R
tehtris: Generic.Malware
MicroWorld-eScan: Dropped:Trojan.GenericKD.47590374
FireEye: Generic.mg.2fb695e21f7852e3
CAT-QuickHeal: Trojan.Mooqkel.8102
ALYac: Dropped:Trojan.GenericKD.47590374
Cylance: Unsafe
VIPRE: Dropped:Trojan.GenericKD.47590374
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Adware ( 0054956f1 )
K7GW: Adware ( 0054956f1 )
Cybereason: malicious.21f785
Baidu: Win32.Trojan.Agent.abj
VirIT: Trojan.Win32.KillFiles.BOTE
Cyren: W32/S-4fb59377!Eldorado
Symantec: Trojan.Gen
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Adware.Zzinfor.K
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-1286876
Kaspersky: Trojan.Win32.SelfDel.asbd
BitDefender: Dropped:Trojan.GenericKD.47590374
NANO-Antivirus: Trojan.Win32.KillFiles.drxdvi
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Selfdel.Hvtm
Ad-Aware: Dropped:Trojan.GenericKD.47590374
Emsisoft: Dropped:Trojan.GenericKD.47590374 (B)
Comodo: TrojWare.Win32.Selfdel.DRX@5s78wy
DrWeb: Trojan.KillFiles.27538
Zillya: Trojan.SelfDel.Win32.49747
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Trapmine: malicious.high.ml.score
Sophos: Mal/Behav-031
SentinelOne: Static AI – Malicious PE
GData: Dropped:Trojan.GenericKD.47590374
Jiangmin: Trojan/Selfdel.atub
Avira: TR/Taranis.4019
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.2162
Arcabit: Trojan.Generic.D2D62BE6
ViRobot: Trojan.Win32.Agent.188416.CH[UPX]
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C412799
Acronis: suspicious
McAfee: GenericRXAA-FA!2FB695E21F78
TACHYON: Trojan/W32.SelfDel.336760
VBA32: BScope.Trojan.SvcHorse.01643
Malwarebytes: Malware.AI.4192297788
Rising: Trojan.Win32.Generic.18F69619 (C64:YzY0OlUjnNGWs4OC)
Yandex: Trojan.GenAsa!tZqojVItIZU
Ikarus: Trojan.Agent2
MaxSecure: Trojan.SelfDel.asbd
Fortinet: W32/Generic.AC.40E83!tr
BitDefenderTheta: Gen:NN.ZexaF.34582.rmJfaiVOZ5ei
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.4192297788?

Malware.AI.4192297788 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
