
Malware.AI.4249894938 (file analysis)


Malware.AI.4249894938 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4249894938 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4249894938?

File Info:

name: D626A54A72CA97239614.mlw
path: /opt/CAPEv2/storage/binaries/7562facb27d9b681a4b95a9c7c91253f25e5ce00eab6b707ed63bb2a158cbc43
crc32: 7F508D80
md5: d626a54a72ca97239614599afc121acd
sha1: 19faf37b085053577de33ac08c4840c7db189b2c
sha256: 7562facb27d9b681a4b95a9c7c91253f25e5ce00eab6b707ed63bb2a158cbc43
sha512: 5435283f8e0ebedeaabf26b30b478f32c86cc6d56cd2b3803857af9061245cfb20ede9253fbba9258024a7dc0e44f779e45f928d57c377624b5383bbc8c18a34
ssdeep: 12288:LCTbzu4k8om32yj1I6EhsVmII2JEKkUHMR:LCTXkij1iIIWElUsR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T178B401D70EBAEDD1E3B9C1FD0DE749004ACDA4AF25F869E07577284C520A4EE3E22954
sha3_384: 599d613df9baa17041d0d377cea43f468af8dea21d77f3bdc08e01361704c0ac7abad21eb5e029d55d6c4af2deff3139
ep_bytes: b80000000083ec0489342421d221d25f
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Malware.AI.4249894938 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Glupteba.hc
ALYac: Gen:Variant.Razy.373115
Cylance: unsafe
VIPRE: Gen:Variant.Razy.373115
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058e60a1 )
Alibaba: Trojan:Win32/Kryptik.4b79fb05
K7GW: Trojan ( 0058e60a1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.XVS
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.373115
NANO-Antivirus: Virus.Win32.Gen.ccmw
MicroWorld-eScan: Gen:Variant.Razy.373115
Rising: Trojan.Kryptik!1.D614 (CLASSIC)
Emsisoft: Gen:Variant.Razy.373115 (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader39.45286
Zillya: Trojan.Generic.Win32.1460989
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.d626a54a72ca9723
Sophos: Troj/Agent-BGOS
Ikarus: Trojan.Win32.Crypt
Google: Detected
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.Kryptik
Kingsoft: Win32.Trojan.Generic.a
Microsoft: Trojan:Win32/Ditertag.A
Arcabit: Trojan.Razy.D5B17B
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Razy.373115
Varist: W32/Kryptik.ECA.gen!Eldorado
AhnLab-V3: Malware/Win32.RL_Generic.R299848
McAfee: Glupteba-FTTQ!D626A54A72CA
DeepInstinct: MALICIOUS
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.AI.4249894938
Panda: Trj/CI.A
Tencent: Trojan.Win32.Kryptik.fh
Yandex: Trojan.Agent!nRypB0HcGtk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.CTNW!tr
BitDefenderTheta: AI:Packer.36C2946D1E
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.b08505
Avast: Win32:TrojanX-gen [Trj]

How to remove Malware.AI.4249894938?

Malware.AI.4249894938 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
