Malware.AI.4258137002 removal

Malware Removal

Malware.AI.4258137002 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What Malware.AI.4258137002 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.4258137002?

File Info:

name: DF2293DD657CE9A6CC99.mlw
path: /opt/CAPEv2/storage/binaries/7aacf7817aa5e54cd129dadc4cbd893e0da45a11f9cb5ab94121e4ff27406e18
crc32: 90F93DA3
md5: df2293dd657ce9a6cc998191f1c8b84c
sha1: 11f456120b240e7483c3c10b365eb139fddedc40
sha256: 7aacf7817aa5e54cd129dadc4cbd893e0da45a11f9cb5ab94121e4ff27406e18
sha512: 20b042f2156f58d59954d9a33393ab7d5e7683e2c5b324d1f38a6c75918cfafb4eb725e0724799dff67da869e83d385d8fe11b4ca32d68b715d9b15e1bc2e3a8
ssdeep: 768:fkgn+SirDoWXD99uu4IMG+hmUVm4OSKpiZDRRlzcFZ/4scIU+GweTzjozarsJhlT:fkg+jrDBGbBPouB92cKaoOEe8kzo14I
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A674E341565004C0E0773DBBC1EDE53FB4A9A7EE9C0AC17C295D98EA20B7A5623E5F0B
sha3_384: e2a70e3ed6d975b12ec0936e7dd9e37d07e29cf29d41c0d4e4e701760eff78eb039adb9536e18456c83d16f5440bac15
ep_bytes: 68b4114000e8eeffffff000000000000
timestamp: 2010-11-07 06:48:12

Version Info:

Translation: 0x0409 0x04b0
ProductName: gEccMa
FileVersion: 2.30
ProductVersion: 2.30
InternalName: gEccMa
OriginalFilename: gEccMa.exe

Malware.AI.4258137002 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Tedy.13203
CAT-QuickHeal: Worm.VBNA.gen
Skyhigh: BehavesLike.Win32.VBObfus.ft
McAfee: Downloader-CJX.gen.j
Malwarebytes: Malware.AI.4258137002
VIPRE: Gen:Variant.Tedy.13203
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 001f4fd41 )
K7GW: Trojan ( 001f4fd41 )
Cybereason: malicious.d657ce
Baidu: Win32.Worm.VB.al
VirIT: Trojan.Win32.VBCrypt.A
Symantec: W32.Changeup!gen10
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/AutoRun.VB.WL
APEX: Malicious
TrendMicro-HouseCall: WORM_VBNA.SMCY
ClamAV: Win.Malware.Vobfus-9806879-0
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Gen:Variant.Tedy.13203
NANO-Antivirus: Trojan.Win32.Code.cojbpw
Avast: Win32:Agent-AZYI [Trj]
Emsisoft: Gen:Variant.Tedy.13203 (B)
F-Secure: Trojan.TR/Code.taf
DrWeb: Win32.HLLW.Autoruner.34955
TrendMicro: WORM_VBNA.SMCY
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.df2293dd657ce9a6
Sophos: W32/AutoRun-BLI
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=85)
Jiangmin: Trojan/Generic.avjsr
Google: Detected
Avira: TR/Code.taf
Varist: W32/Vobfus.K.gen!Eldorado
Antiy-AVL: Worm/Win32.WBNA.gen
Microsoft: Worm:Win32/Vobfus!pz
Arcabit: Trojan.Tedy.D3393
ViRobot: Trojan.Win32.A.VBKrypt.368640.BO
ZoneAlarm: Worm.Win32.WBNA.ipa
GData: Gen:Variant.Tedy.13203
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.Generic.R426572
Acronis: suspicious
BitDefenderTheta: AI:Packer.EA1C0E7920
ALYac: Gen:Variant.Tedy.13203
VBA32: Trojan.VBRA.0355
Cylance: unsafe
Panda: Trj/Genetic.gen
Tencent: Trojan.Win32.VBKrypt.hc
Ikarus: Worm.Win32.Vobfus
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: W32/AutoRun.XM!worm
AVG: Win32:Agent-AZYI [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)
alibabacloud: Trojan:Win/Vobfus.3222cad4

How to remove Malware.AI.4258137002?

Malware.AI.4258137002 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.