Malware.AI.4258474810 removal tips

Malware.AI.4258474810 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4258474810 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • NtSetInformationThread: attempt to hide thread from debugger
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Checks for the presence of known windows from debuggers and forensic tools
  • Checks for the presence of known devices from debuggers and forensic tools
  • Anomalous binary characteristics

How to identify Malware.AI.4258474810?

File Info:

name: 9F7801788AB875982F47.mlw
path: /opt/CAPEv2/storage/binaries/a23fcdf6bf6bc503f2e69c36f3760445eda0a9ec0166bd94cfe9dfd51789db64
crc32: AE2C7321
md5: 9f7801788ab875982f479c2d8b7a6f9f
sha1: 1f90d6d5a8bbf25af3847a7ace7436995bb1b585
sha256: a23fcdf6bf6bc503f2e69c36f3760445eda0a9ec0166bd94cfe9dfd51789db64
sha512: 81da7f066575989eed1616432ed299bf38bcf34012cc26ad05011a76f6789f4bd5ee2c5d7170e948c587e8a8c85dc62d0b75892488685df8e8f54a205397f508
ssdeep: 24576:AJanMMoDslaIgB/jk2R8Fku2X4giNng4O5YYVZtfOAoRVUVZv0e+DOFpL/Nd:A68YrIjkhzA45NneOxAoR2Pv0JOF3d
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CC8533ED97E0D09CF5F12AB9087497A01B093C7288F2DFCF52255D386267A97AC52339
sha3_384: 8ca8d79e7c96e22cebf96f7b8b96d027933cb0a726e36bb5c39852a54545345d72a80b3c715f0a2da88f93065a68dcb7
ep_bytes: 558bec83c4f0b800104000e801000000
timestamp: 2021-03-17 03:13:31

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft ® Console Based Script Host
FileVersion: 5.812.10240.16384
InternalName: cscript.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: cscript.exe
ProductName: Microsoft ® Windows Script Host
ProductVersion: 5.812.10240.16384
Translation: 0x0409 0x04b0

Malware.AI.4258474810 is also known as (vendor: detection name):

  • Bkav: W32.AIDetect.malware1
  • Lionic: Trojan.Win32.Zegost.m!c
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Trojan.Heur.PD0@ty3wSrni
  • FireEye: Generic.mg.9f7801788ab87598
  • McAfee: GenericRXAA-AA!9F7801788AB8
  • Cylance: Unsafe
  • K7AntiVirus: Trojan ( 005376ae1 )
  • BitDefender: Gen:Trojan.Heur.PD0@ty3wSrni
  • K7GW: Trojan ( 005376ae1 )
  • Cybereason: malicious.88ab87
  • BitDefenderTheta: AI:Packer.3AF835A723
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Win32/Packed.EnigmaProtector.J suspicious
  • TrendMicro-HouseCall: TROJ_GEN.R002H0CL521
  • Paloalto: generic.ml
  • Kaspersky: UDS:Backdoor.Win32.Lotok.fnt
  • Alibaba: Packed:Win32/EnigmaProtector.03359a39
  • Rising: PUF.Pack-Enigma!1.BA33 (CLASSIC)
  • Ad-Aware: Gen:Trojan.Heur.PD0@ty3wSrni
  • DrWeb: Trojan.Siggen15.62009
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
  • Emsisoft: Gen:Trojan.Heur.PD0@ty3wSrni (B)
  • APEX: Malicious
  • MaxSecure: Trojan.Malware.300983.susgen
  • Avira: HEUR/AGEN.1128127
  • MAX: malware (ai score=85)
  • Antiy-AVL: Trojan/Generic.ASBOL.C669
  • Kingsoft: Win32.Hack.Undef.(kcloud)
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • GData: Gen:Trojan.Heur.PD0@ty3wSrni
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win.Generic.R444727
  • ALYac: Gen:Trojan.Heur.PD0@ty3wSrni
  • Malwarebytes: Malware.AI.4258474810
  • SentinelOne: Static AI – Malicious PE
  • eGambit: Unsafe.AI_Score_61%
  • Fortinet: Riskware/Application
  • AVG: Win32:BackdoorX-gen [Trj]
  • Avast: Win32:BackdoorX-gen [Trj]
  • CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.4258474810?

Malware.AI.4258474810 removal tool:

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.