What is “Malware.AI.4264004658”?

The Malware.AI.4264004658 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4264004658 virus can do?

Dynamic (imported) function loading detected
.NET file is packed/obfuscated with Confuser
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.4264004658?


File Info:
name: DCD4ABD94D7E7AFA54C6.mlw
path: /opt/CAPEv2/storage/binaries/0e9028ce459f6c224e4798b01c515a4e4351c557cd1d4513b0abb44e38367a99
crc32: DA66707E
md5: dcd4abd94d7e7afa54c6b219e2f5f714
sha1: 5c59a0c4d5db0784c6eca48fc9ab0f2dadca1ad4
sha256: 0e9028ce459f6c224e4798b01c515a4e4351c557cd1d4513b0abb44e38367a99
sha512: 715367d5de5bbed0c3ed0b852528fd0a7f7d9aee52afebd9911c79d90dd4472bd030c686562d41dba0fb6e8f1026181020051a785f23bd052043f5e435850658
ssdeep: 24576:Ry+nb7D6vS3EADVSZBAugNIlkMvin1SKsET47TJ:Ry++S3kZ+FI9iAKsET+T
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D92523892DEE3D32FBAE837665C803638B61CB0A21C1E7C77466E5486CD52963677343
sha3_384: 1d3a02b2054d2e69f0a2a938d7edcdb7f09d7cd88a392271440d0d3121deb49c8f9b8261f9005ef214638a7470f863f2
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-04 12:05:22

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: asdas2dasd
FileVersion: 1.0.0.0
InternalName: winPEAS.exe
LegalCopyright: Copyright ©  2019
LegalTrademarks: 
OriginalFilename: winPEAS.exe
ProductName: asdas2dasd
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4264004658 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
ALYac	Gen:Variant.MSILHeracles.21051
Malwarebytes	Malware.AI.4264004658
K7GW	Trojan ( 00580bbe1 )
K7AntiVirus	Trojan ( 00580bbe1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/HackTool.Agent.OS
APEX	Malicious
BitDefender	Gen:Variant.MSILHeracles.21051
MicroWorld-eScan	Gen:Variant.MSILHeracles.21051
Emsisoft	Gen:Variant.MSILHeracles.21051 (B)
F-Secure	Heuristic.HEUR/AGEN.1145178
McAfee-GW-Edition	BehavesLike.Win32.Fareit.dc
FireEye	Generic.mg.dcd4abd94d7e7afa
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1145178
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.MSILHeracles.21051
AhnLab-V3	Trojan/Win.Generic.C4596341
MAX	malware (ai score=85)
Cylance	Unsafe
Rising	Trojan.Generic/MSIL@AI.98 (RDM.MSIL:47nqQ4LhVoFSQqBt6aQVuA)
Ikarus	Trojan.Shelma
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.34182.8m0@amNpP!n

How to remove Malware.AI.4264004658?

Malware.AI.4264004658 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X