Malware.AI.4220493279 information

The Malware.AI.4220493279 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4220493279 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.4220493279?


File Info:
name: A4815681340EB6D59CE2.mlw
path: /opt/CAPEv2/storage/binaries/9c3b0e4670cca058e1b82dab27b9d9ed6c14e7ac8809dd0a4b0c7f94ac3251eb
crc32: 5315B386
md5: a4815681340eb6d59ce2387d8acc8232
sha1: 0bf0c3e9a71671b610095f264cd9606a76069c74
sha256: 9c3b0e4670cca058e1b82dab27b9d9ed6c14e7ac8809dd0a4b0c7f94ac3251eb
sha512: e80283edef6c2447e6958f1f275a9187497a21976c211ba51bf86a962751f603d11d0cfea9157363db4249ef4d34ad2761bc634a3685cd875cbadcba2e60ebc8
ssdeep: 12288:tCsqwvXRJmrE7vJSUMWrvnRmsXhmaJ4Kqf3gQ6rsnXVplZgI1Jzb5/b6:tlZvXLKEIUMeIIH4dYQ6YrHgI1Nb1+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T128F4237B229CD857E29A19F81BF09E258A79FE372383644323047EE335765D758A803D
sha3_384: 78cfd7d9d03ca5cca8a50430256cbc37c809d09e0d17373fb877fe14a2996d0a9d2bd8f5cbf1b9c751917433663a8876
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:46

Version Info:
CompanyName: www.bearpc.net
FileDescription: 愤怒的小鸟PC汉化版
FileVersion: 1.0.0
LegalCopyright: BEARPC精选软件集
ProductName: 愤怒的小鸟
Translation: 0x0804 0x03a8

Malware.AI.4220493279 also known as:

Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Variant.Bulz.256291
CAT-QuickHeal	Application.Agent.ZZ5
McAfee	Artemis!A4815681340E
Cylance	Unsafe
VIPRE	Gen:Variant.Bulz.256291
K7AntiVirus	Unwanted-Program ( 0040f9f81 )
K7GW	Unwanted-Program ( 0040f9f81 )
Cybereason	malicious.1340eb
Cyren	W32/Adware.QSLK-0351
ESET-NOD32	NSIS/TrojanDownloader.Chindo.R
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R067C0OJ122
Kaspersky	HEUR:Trojan.Win32.Bingoml.gen
BitDefender	Gen:Variant.Bulz.256291
NANO-Antivirus	Riskware.Win32.Wews87.fcdlba
Avast	NSIS:Downloader-ABR [Trj]
Ad-Aware	Gen:Variant.Bulz.256291
Sophos	BearPC (PUA)
Baidu	NSIS.Trojan-Downloader.Agent.k
Zillya	Adware.Generic.Win32.141311
TrendMicro	TROJ_GEN.R067C0OJ122
McAfee-GW-Edition	BehavesLike.Win32.BadFile.bc
FireEye	Gen:Variant.Bulz.256291
Emsisoft	Gen:Variant.Bulz.256291 (B)
GData	Win32.Application.NetBear.B
Google	Detected
MAX	malware (ai score=88)
Microsoft	PUA:Win32/GameApp37
VBA32	Trojan.Wacatac
ALYac	Gen:Variant.Bulz.256291
Malwarebytes	Malware.AI.4220493279
Rising	PUA.Wews87!8.642 (CLOUD)
Ikarus	Trojan-Downloader.NSIS.Chindo
Fortinet	W32/Chindo.H!tr.dldr
AVG	NSIS:Downloader-ABR [Trj]
CrowdStrike	win/grayware_confidence_90% (W)

How to remove Malware.AI.4220493279?

Malware.AI.4220493279 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X