Malware.AI.4248653061 (file analysis)

The Malware.AI.4248653061 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4248653061 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
At least one process apparently crashed during execution
Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.4248653061?


File Info:
name: 7F216E4F79D64CDE97FB.mlw
path: /opt/CAPEv2/storage/binaries/507d8d5db2ca5c7f0345a4b3429ea1776b55c49a34c302aded9e8d9e561549c8
crc32: 40CBB5FA
md5: 7f216e4f79d64cde97fb2912e8dfbcc7
sha1: 5d67ac1e9a106e3336d204f533a20a585a1a28fc
sha256: 507d8d5db2ca5c7f0345a4b3429ea1776b55c49a34c302aded9e8d9e561549c8
sha512: 548d32eb2b74164b907821dab1d503f392297fffbf98c03592e97a0eb60a95626fbe94882d11472875f466d86572403da4526d5d3469e9f184c18524389934ca
ssdeep: 49152:gWUZMpbxLk7Xng/fwBIrpOEwbJz+xR0OhrZs:gWMjjg/IBIrpSIRO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13DC52A107A41923AEAF314B6CDBD6D1E454CFA810B6858DF93CC096F9BE49E33A31953
sha3_384: 1965f5cc8ee509d7f94a0cd42fb5ad28a812214c9c5374a13616f0cbcd3faf89a1caf293e2a9c20b96158fd31d8ac8d2
ep_bytes: e8070d0000e925feffffc3558bec8b45
timestamp: 2017-08-17 23:59:46

Version Info:
0: [No Data]

Malware.AI.4248653061 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.425587
FireEye	Generic.mg.7f216e4f79d64cde
ALYac	Gen:Variant.Razy.425587
Cylance	Unsafe
Sangfor	Trojan.Win32.Sabsik.ml
Alibaba	AdWare:Win32/Zdengo.c3703b88
Cybereason	malicious.f79d64
BitDefenderTheta	Gen:NN.ZexaF.34182.GsW@aee518ji
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Adware.Zdengo.BXQ
APEX	Malicious
BitDefender	Gen:Variant.Razy.425587
Avast	Win32:Adware-gen [Adw]
Tencent	Win32.Trojan.Ad.Ajbt
Ad-Aware	Gen:Variant.Razy.425587
Emsisoft	Gen:Variant.Razy.425587 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Dropper.vh
Sophos	Generic PUA FN (PUA)
SentinelOne	Static AI – Malicious PE
Webroot	W32.Adware.Gen
Avira	HEUR/AGEN.1108448
Microsoft	Trojan:Win32/Occamy.C50
GData	Gen:Variant.Razy.425587
Cynet	Malicious (score: 99)
McAfee	Artemis!7F216E4F79D6
VBA32	BScope.Adware.Wajam
Malwarebytes	Malware.AI.4248653061
TrendMicro-HouseCall	TROJ_GEN.R002H0CGO21
Rising	Trojan.Zpevdo!8.F912 (CLOUD)
Yandex	PUA.Zdengo!PbCTI8p1D+Q
Ikarus	Trojan.AD.Zdengo
Fortinet	Riskware/Zdengo
AVG	Win32:Adware-gen [Adw]
Panda	Trj/GdSda.A
CrowdStrike	win/grayware_confidence_60% (D)

How to remove Malware.AI.4248653061?

Malware.AI.4248653061 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X