What is “Malware.AI.4256735248”?

Malware.AI.4256735248 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4256735248 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.4256735248?

File Info:

name: 04C2BB5C1BF26C8F9508.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-04-27 06:29:44

Version Info:

ProductName: Bucuqiz
FileDescription: Tuw Eregyx Ufu
CompanyName: APL2000 Inc.
OriginalFilename: 8rql1lksycnibxoih.exe
Translation: 0x0409 0x04b0

Malware.AI.4256735248 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Zbot.l!c
MicroWorld-eScan: Gen:Variant.Symmi.38781
FireEye: Generic.mg.04c2bb5c1bf26c8f
CAT-QuickHeal: Trojan.Zbot.AM4
ALYac: Gen:Variant.Symmi.38781
Cylance: Unsafe
VIPRE: Gen:Variant.Symmi.38781
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0055dd191 )
Alibaba: Trojan:Win32/Kryptik.9e847615
K7GW: Trojan ( 0055dd191 )
Cybereason: malicious.c1bf26
VirIT: Trojan.Win32.Generic.ABGQ
Symantec: Trojan.Gen
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.BTEB
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Symmi.38781
NANO-Antivirus: Trojan.Win32.Zbot.ctecgl
Avast: Win32:Konar-B [Trj]
Tencent: Malware.Win32.Gencirc.114c4741
Ad-Aware: Gen:Variant.Symmi.38781
Emsisoft: Gen:Variant.Symmi.38781 (B)
Comodo: Malware@#130jqp2ek5zd2
DrWeb: Trojan.PWS.Panda.2977
Zillya: Trojan.Zbot.Win32.148023
McAfee-GW-Edition: PWS-Zbot-FBDR!04C2BB5C1BF2
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.Zbot.ebuy
Webroot: W32.Infostealer.Zeus
Avira: HEUR/AGEN.1237531
MAX: malware (ai score=100)
Kingsoft: Win32.Troj.Zbot.rh.(kcloud)
Microsoft: PWS:Win32/Zbot.gen!AJ
Arcabit: Trojan.Symmi.D977D
GData: Gen:Variant.Symmi.38781
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Zbot.R498608
McAfee: PWS-Zbot-FBDR!04C2BB5C1BF2
VBA32: SScope.Worm.Dorkbot.2113
Malwarebytes: Malware.AI.4256735248
Rising: Trojan.Generic@AI.100 (RDML:d56idKL/cJyK+d/Oe+QDOw)
Ikarus: Trojan-PWS.Win32.Zbot.AJ
Fortinet: W32/Simda.AGEZ!tr
BitDefenderTheta: Gen:NN.ZexaF.34742.tq0@a4fj3gmi
AVG: Win32:Konar-B [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.4256735248?

Malware.AI.4256735248 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.