Malware.AI.4261877467 malicious file

Malware.AI.4261877467 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4261877467 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Malware.AI.4261877467?

File Info:

crc32: A1BAE4AD
md5: f9fa85a40e289eaab0df87ae78c5a70a
name: F9FA85A40E289EAAB0DF87AE78C5A70A.mlw
sha1: c453ff844a5d598ad3018b9f76c909d48c6c0966
sha256: e08b9dfd035e3e25f547a80fcc82b284cd5d23808fd3d517d75e12990d9fab00
sha512: 914f0805cd9cd0985d2d0d0740cb6d708dc95ca3b9cb6b31ecefa2520aa093fa1fd01d742a69a3e0f1c754d87b6ad86eb20c927107dbcd1604d260f95c45dba0
ssdeep: 1536:aSLozzYog02G16uZEpxlxQmAqjCcwxgyJwVD:aGozN7FEQmAgwsD
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: Menile reskoto
FileVersion: 3.06.0007
CompanyName: Menile reskoto
Comments: Felsenstollens4
ProductName: Menile reskoto
ProductVersion: 3.06.0007
FileDescription: Menile reskoto
OriginalFilename: Menile reskoto.exe

Malware.AI.4261877467 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
CAT-QuickHeal: TrojanPWS.Zbot.V3
ALYac: Gen:Heur.PonyStealer.fm0@o4Hokeci
Cylance: Unsafe
Zillya: Dropper.VB.Win32.66023
Sangfor: Trojan.Win32.Kazy.773284
CrowdStrike: win/malicious_confidence_80% (D)
Alibaba: TrojanDropper:Win32/Wauchos.86bc0cc6
K7GW: Trojan-Downloader ( 0055e3da1 )
K7AntiVirus: Trojan-Downloader ( 0055e3da1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Wauchos.BD
APEX: Malicious
Avast: Win32:Trojan-gen
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Dropper.Win32.VB.dfbg
BitDefender: Gen:Heur.PonyStealer.fm0@o4Hokeci
NANO-Antivirus: Trojan.Win32.VB.dyjzzc
MicroWorld-eScan: Gen:Heur.PonyStealer.fm0@o4Hokeci
Tencent: Win32.Trojan-dropper.Vb.Ehhy
Ad-Aware: Gen:Heur.PonyStealer.fm0@o4Hokeci
Sophos: Troj/VBInj-MJ
Comodo: Malware@#pzy2k9k62j2f
F-Secure: Heuristic.HEUR/AGEN.1128740
BitDefenderTheta: Gen:NN.ZevbaF.34294.fm0@a4Hokeci
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Fareit.mh
FireEye: Generic.mg.f9fa85a40e289eaa
Emsisoft: Gen:Heur.PonyStealer.fm0@o4Hokeci (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDropper.VB.atly
Webroot: Trojan.Dropper.Gen
Avira: HEUR/AGEN.1128740
eGambit: Unsafe.AI_Score_98%
Antiy-AVL: Trojan[Dropper]/Win32.VB
Kingsoft: Win32.Troj.VB.df.(kcloud)
Microsoft: Worm:Win32/Gamarue.AU
Arcabit: Trojan.PonyStealer.EC95D7
GData: Gen:Heur.PonyStealer.fm0@o4Hokeci
McAfee: RDN/GenDownloader.dh
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.4261877467
Panda: Trj/CI.A
Rising: Trojan.Injector!1.B459 (CLASSIC)
Yandex: Trojan.DR.VB!k+p9znMBIfs
Ikarus: Trojan-Downloader.Win32.Wauchos
Fortinet: W32/Injector.CMBI!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml

How to remove Malware.AI.4261877467?

Malware.AI.4261877467 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
