Malware.AI.4196899708 removal instruction

Malware.AI.4196899708 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4196899708 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • CAPE detected the Kutaki malware family
  • Anomalous binary characteristics

How to identify Malware.AI.4196899708?

File Info:

name: ED530B06C608F7BE4D59.mlw
path: /opt/CAPEv2/storage/binaries/d4a69da4e9641fd682a2e76df9741197ab54c30ec7ae7f67139c3f4bd6088e18
crc32: 7CA38206
md5: ed530b06c608f7be4d5933645b9bd4b3
sha1: 37cbdcc64223a1d473900e4f48e7c52da6af483e
sha256: d4a69da4e9641fd682a2e76df9741197ab54c30ec7ae7f67139c3f4bd6088e18
sha512: 30c5743bdf17def5a1f394c16edd61d73acabf1c81d899e80c98d672347926f7305b02953c88c634651c627503b1b6ce14ac02578c3ff8aff1e8828a82f8e36e
ssdeep: 24576:azkWYldr5HE+wS7aPK3v9oE3IfFAnQD2fmP/UDMS08Ckn3z:GkWk5cS7a+9XYaQCfmP/SA8Nj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E855C0079D458A83E46897F8BE034DBC6B563B1DEA8336FF15125EDB3D206210C9E52E
sha3_384: 51b45823c210b7522084614895e2001e54870fa953e5e590d71170fa34428cacb58c41776783f81e73b1817e68cb0b12
ep_bytes: 684c484000e8eeffffff000000000000
timestamp: 2022-07-03 11:28:44

Version Info:

Translation: 0x0409 0x04b0
CompanyName: None
ProductName: Saver 1.0
FileVersion: 3.01.0007
ProductVersion: 3.01.0007
InternalName: 4
OriginalFilename: 4.exe

Malware.AI.4196899708 also known as:

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
FireEye: Generic.mg.ed530b06c608f7be
CAT-QuickHeal: Trojan.Keylogger.S25879104
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_100% (D)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Spy.KeyLogger.NJK
TrendMicro-HouseCall: TSPY_VBKEYLOG.SM
Kaspersky: VHO:Backdoor.Win32.CosmicDuke.gen
Rising: Stealer.Kutaki!1.D278 (CLASSIC)
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1239053
TrendMicro: TSPY_VBKEYLOG.SM
SentinelOne: Static AI – Malicious PE
Trapmine: malicious.moderate.ml.score
APEX: Malicious
Avira: HEUR/AGEN.1239053
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: VHO:Backdoor.Win32.CosmicDuke.gen
Cynet: Malicious (score: 100)
Malwarebytes: Malware.AI.4196899708
Ikarus: Trojan-Spy.Agent
Fortinet: W32/KeyLogger.ODN!tr
AVG: Win32:Kutaki-A [Spy]
Cybereason: malicious.64223a
Avast: Win32:Kutaki-A [Spy]

How to remove Malware.AI.4196899708?

Malware.AI.4196899708 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.