Should I remove “Malware.AI.4247214944”?

Malware.AI.4247214944 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4247214944 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Binary compilation timestomping detected

Related domains:

wpad.local-net

How to identify Malware.AI.4247214944?


File Info:

name: 677AD4C727A23A2BB805.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2046-02-04 09:50:16

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Astra 5.2
FileVersion: 1.0.0.0
InternalName: Astra 5.2.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Astra 5.2.exe
ProductName: Astra 5.2
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4247214944 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.677ad4c727a23a2b
McAfee: Artemis!677AD4C727A2
K7AntiVirus: Hacktool ( 0057c3df1 )
Alibaba: Trojan:MSIL/MalwareX.93bf169c
K7GW: Hacktool ( 0057c3df1 )
Cyren: W32/MSIL_Troj.NT.gen!Eldorado
ESET-NOD32: a variant of MSIL/HackTool.Agent.PE
APEX: Malicious
BitDefender: Trojan.GenericKD.38099204
MicroWorld-eScan: Trojan.GenericKD.38099204
Avast: Win32:MalwareX-gen [Trj]
Ad-Aware: Trojan.GenericKD.38099204
Emsisoft: Trojan.GenericKD.38099204 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.bm
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.38099204
Avira: HEUR/AGEN.1145308
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D2455904
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ALYac: Trojan.GenericKD.38099204
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.4247214944
TrendMicro-HouseCall: TROJ_GEN.R002H0CKN21
Ikarus: Trojan.Fsysna
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.PE!tr
BitDefenderTheta: Gen:NN.ZemsilF.34294.Vm0@aqVkmcj
AVG: Win32:MalwareX-gen [Trj]

How to remove Malware.AI.4247214944?

Malware.AI.4247214944 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
