Malware

Malware.AI.4254972932 information

Malware Removal

Malware.AI.4254972932 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.4254972932 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Writes to the spooler folder, potential vulnerability or printer driver install
  • Collects information to fingerprint the system
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.4254972932?


File Info:

name: B5950961DFE30DDF9A46.mlw
path: /opt/CAPEv2/storage/binaries/f7ccc36ad8c51ca628e831d880d2a9be959f9275cd44d17835300b7e6da0c8c5
crc32: 2325B9AE
md5: b5950961dfe30ddf9a46af3a8856f996
sha1: 6bf2ba049526e60cb3d62da6e2c40b44ec1092d3
sha256: f7ccc36ad8c51ca628e831d880d2a9be959f9275cd44d17835300b7e6da0c8c5
sha512: c75009cd893dd4b2956927584d2dd4ea965c5832b7769d2a26e51dedd6536a00b79a2914676697c484f28ef45eca82811d5a65007d467148dde62733eab7e792
ssdeep: 3072:jkmrkp63D0+MXLGouJuL3y6wSFFmg+e7MfBgxKzIpWjvG+ot15nR4IOqO7ZJv2QR:j0KDngJo8mpnfUUolR+qyf+NH+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T173141213F5C96F18E3654B7A5046EF3FD637C850BA75D388062E6F8858FD729A2482B0
sha3_384: e50130d85b7c3f9818eebdc0faebca9916b021b73655ba6530a7404ddcd4ee821a495cbb4cba77da45e32158de9f16f2
ep_bytes: 60be15c072008dbeeb4fcdff57eb0b90
timestamp: 2007-11-07 00:41:59

Version Info:

CompanyName: Xyxgopypa Edndacsih
FileDescription: Xyxgopypa Ddspsknavd Vusjxbyipy
FileVersion: 41, 77, 123, 106
InternalName: Xyxgopypa
LegalCopyright: Copyright © Xyxgopypa Edndacsih 2004-2006
OriginalFilename: Xyxgopypa.exe
ProductName: Xyxgopypa Ddspsknavd Vusjxbyipy
ProductVersion: 24, 27, 91, 17
Translation: 0x0409 0x04e4

Malware.AI.4254972932 also known as:

Bkav: W32.MosquitoQKB.Fam.Trojan
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Heur.VIZ.2
FireEye: Generic.mg.b5950961dfe30ddf
Skyhigh: BehavesLike.Win32.Generic.dc
Malwarebytes: Malware.AI.4254972932
Zillya: Trojan.Hodprot.Win32.200
Sangfor: Trojan.Win32.Save.a
Alibaba: VirTool:Win32/Obfuscator.a31c41e8
K7GW: Trojan ( 004e42001 )
K7AntiVirus: Trojan ( 004e42001 )
BitDefenderTheta: Gen:NN.ZexaF.36802.mmLfaafkBQoc
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Hodprot.AN
TrendMicro-HouseCall: Mal_Kryptik-3
Avast: Win32:Kryptik-AVR [Trj]
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Heur.VIZ.2
NANO-Antivirus: Trojan.Win32.Drop.eeagdq
Tencent: Win32.Trojan.Dropper.Pcnw
Emsisoft: Gen:Heur.VIZ.2 (B)
F-Secure: Trojan.TR/Drop.Agent.UR
DrWeb: Trojan.WinSpy.2358
VIPRE: Gen:Heur.VIZ.2
TrendMicro: Mal_Kryptik-3
Trapmine: malicious.high.ml.score
Sophos: Mal/Zbot-CX
MAX: malware (ai score=99)
Jiangmin: Trojan/Generic.ebmx
Webroot: W32.Pdf.Exploit
Google: Detected
Avira: TR/Drop.Agent.UR
Varist: W32/Zbot.CN.gen!Eldorado
Antiy-AVL: Trojan/Win32.Kryptik
Kingsoft: malware.kb.b.915
Microsoft: Trojan:Win32/Multiverze
Xcitium: Malware@#hs1n2i912spg
Arcabit: Trojan.VIZ.2
ViRobot: Trojan.Win.Z.Kryptik.206680
ZoneAlarm: UDS:DangerousObject.Multi.Generic
GData: Gen:Heur.VIZ.2
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Zbot.R3496
McAfee: W32/Pinkslipbot.gen.af
VBA32: Malware-Cryptor.ImgChk
Panda: Generic Malware
Rising: Trojan.Hodprot!8.8EC (CLOUD)
Yandex: Trojan.GenAsa!8YUQO13HDLg
Ikarus: Net-Worm.Win32.Kolab
MaxSecure: Trojan.Malware.9070886.susgen
Fortinet: W32/Kryptik.WCH!tr
AVG: Win32:Kryptik-AVR [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan

How to remove Malware.AI.4254972932?

Malware.AI.4254972932 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
