
About “Malware.AI.4248455725” infection


Many security experts consider Malware.AI.4248455725 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4248455725 virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk

How to identify Malware.AI.4248455725?


File Info:

name: C6C748E45403BDDE0724.mlw
path: /opt/CAPEv2/storage/binaries/e8a1507de51b92057071fbcd73f42121b18cc635a84a99d9afeae49383896afb
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-08-11 13:54:06

Version Info:

0: [No Data]

Malware.AI.4248455725 also known as:

Bkav: W32.Common.67A95237
Lionic: Virus.Win32.File.n!c
MicroWorld-eScan: EICAR-Test-File
FireEye: EICAR-Test-File (not a virus)
Cylance: unsafe
VIPRE: EICAR-Test-File (not a virus)
Sangfor: Virus.Win32.Agent.Vu9y
Cybereason: malicious.45403b
Elastic: malicious (moderate confidence)
APEX: Malicious
BitDefender: EICAR-Test-File (not a virus)
Emsisoft: EICAR-Test-File (not a virus) (B)
TrendMicro: HEUR_JS.NOOB
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
MAX: malware (ai score=83)
Kingsoft: malware.kb.a.915
Arcabit: EICAR-Test-File (not a virus)
GData: EICAR-Test-File (not a virus)
ALYac: EICAR-Test-File (not a virus)
Malwarebytes: Malware.AI.4248455725
MaxSecure: Trojan.Malware.1729305.susgen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.4248455725?

Malware.AI.4248455725 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
