
Malware.AI.4252877120 removal guide


Malware.AI.4252877120 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4252877120 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Use of guard pages detected (possible anti-debugging)
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities to enumerate running processes
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Detects BullGuard Antivirus through the presence of a library
  • Created a process from a suspicious location
  • Detects the presence of Windows Defender AV emulator via files
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4252877120?


File Info:

name: C9A0476BB60FEB1D02FB.mlw
path: /opt/CAPEv2/storage/binaries/b82bdfb3980b13d04d0da2a1bc6dcc7002dfab6f9d46a1451cdb68d6308252b2
crc32: 7DB66D6C
md5: c9a0476bb60feb1d02fba5b22f094db6
sha1: 8b3887ed91e9725998e103a92cc9ea8d4f8b4481
sha256: b82bdfb3980b13d04d0da2a1bc6dcc7002dfab6f9d46a1451cdb68d6308252b2
sha512: 43869a7bb34e5bec745cd34c7ef720740aa8850d57c6f5e6493734ee0ca11c57c30926929f6fef777b6179a98a9a00ee4ffe94c1129b2df0823d433ec948a511
ssdeep: 24576:Zig4OEjGPedTuzuNHyEN5GLv5H99FzdRb0Ep8mctxgNdLfj6a:DQjYmT0ulLIH7p/Wx+xn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T167152340B9E0857EC5F309308A92FF354EFFFE7A196445477B287A052A72681E22D19F
sha3_384: bb066eaa72cc3eea996c21a323dfab7fcfb1c09630c7e9398b0e1a9af060d3904137a0f48c0cee79875ec8350f074af3
ep_bytes: e8a2020000e957fdffffff257c724100
timestamp: 2011-03-02 19:35:59

Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.7.1.3901
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2016 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: October 31, 2017
ProductName: 7-Zip SFX
ProductVersion: 1.7.1.3901
Translation: 0x0000 0x04b0

Malware.AI.4252877120 also known as:

Lionic: Trojan.Win32.Agent.m!c
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 99)
CAT-QuickHeal: Backdoor.Agent
ALYac: Spyware.CryptBot
Cylance: Unsafe
Zillya: Backdoor.Agent.Win32.83544
Sangfor: Backdoor.Win32.Agent.myuhbb
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Starter.57aa620e
K7GW: Trojan ( 0058deed1 )
K7AntiVirus: Trojan ( 0058deed1 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/Packed.7Zip.Z
Avast: Win32:DropperX-gen [Drp]
Kaspersky: Backdoor.Win32.Agent.myuhbb
BitDefender: Trojan.GenericKD.38928566
MicroWorld-eScan: Trojan.GenericKD.38928566
Tencent: Win32.Trojan.Cryptbot.Xqbx
Ad-Aware: Trojan.GenericKD.38928566
Emsisoft: Trojan.GenericKD.38928566 (B)
DrWeb: Trojan.Siggen16.44040
TrendMicro: TROJ_GEN.R002C0PBE22
McAfee-GW-Edition: Trojan-AutoIt.bl
FireEye: Trojan.GenericKD.38928566
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Trojan.GenericKD.38928566
Jiangmin: Backdoor.Agent.lep
Webroot: W32.Trojan.Gen
Avira: VBS/Starter.VPA
Antiy-AVL: Trojan/Generic.ASMalwS.35292CC
Kingsoft: Win32.Hack.Agent.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D25200B6
ZoneAlarm: Backdoor.Win32.Agent.myuhbb
Microsoft: Trojan:Win32/Mamson.A!ac
AhnLab-V3: Infostealer/Win.CryptBot.R472177
McAfee: Trojan-AutoIt.bl
MAX: malware (ai score=82)
VBA32: BScope.Backdoor.Agent
Malwarebytes: Malware.AI.4252877120
TrendMicro-HouseCall: TROJ_GEN.R002C0PBE22
Yandex: Backdoor.Agent!XK1KrekxEhk
Ikarus: Trojan.VBS.Starter
Fortinet: W32/Agent.ADXB!tr
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/Agent.CTG

How to remove Malware.AI.4252877120?

Malware.AI.4252877120 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
