Malware.AI.4269275006 removal guide

Malware.AI.4269275006 is the Malwarebytes detection name for a sample that many security vendors also flag as malicious (the full list of vendor verdicts is below). While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the 6-day free trial.

What can Malware.AI.4269275006 do?

The following CAPE sandbox signatures fired on the analysed sample:

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Unusual version info supplied for binary
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.4269275006?

File Info:

name: E88A1B5A1E0727A398FB.mlw
path: /opt/CAPEv2/storage/binaries/ee44b1f230abff14a86e066a3e88673e97d6f4c2a074b2f673a17089909804ce
crc32: EB60019B
md5: e88a1b5a1e0727a398fb4fb11a1e3338
sha1: 982554bc9476761cea84a2fbea3fd3c7ae5bdd30
sha256: ee44b1f230abff14a86e066a3e88673e97d6f4c2a074b2f673a17089909804ce
sha512: 8d37978424fa939014f204a594417e93a108221e5c66f5c9487a52d229d15ba1ce8c7febf2cf45d281d9315f3c3e0f597d198811b0f8e457b56093e83ff1ec75
ssdeep: 12288:Th1Lk70TnvjcKD0JfU4aPogA/eDWq/fZWVq1mfKfW3:Pk70TrcKDi84nbPoOi2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100E401117282C277C47601348AD2C7759779BC604BAA95D3B6E96FBB3E303D563322CA
sha3_384: 18d71f2fc18057320ed778cb5fd362086e0ac25ec1ee95ef60d1e7a5f917f314f23586d9ddd11e80c210db27927f695a
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft Contract Importer/Exporter
CompanyName:
FileDescription: Microsoft Company Operating System
FileVersion: 5.14.22.1
InternalName: Friended.exe
LegalCopyright: Microsoft Corp.
LegalTrademarks:
OriginalFilename: Friended.exe
ProductName: Microsoft Contract Importer/Exporter
ProductVersion: 5.14.22.1
Assembly Version: 131.32.5.3
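To check whether a file on disk is this exact sample, and to read the header facts CAPE summarises above (machine type, compile timestamp, and whether the PE carries a .NET CLR header, which is why several vendors label it MSIL/Kryptik even though the file type reads PE32 i386), the following Python is an added example, not part of the original page and not CAPE's code. It uses only the standard library. The hash values are copied from the File Info block; the `build_sample_pe` helper constructs a throwaway PE32 header for demonstration and is not the analysed binary, and `1342219636` is the page's timestamp 2012-07-13 22:47:16 written as a Unix epoch. Two caveats a triager keeps in mind here: the timestamp is a single attacker-controlled field (for deterministically built .NET assemblies it is a hash, not a date), and the version info above claims Microsoft while CompanyName is empty and the Authenticode signature is invalid, so none of it corroborates anything.

```python
"""Hash and header triage for the sample documented above.
Added example (standard library only); not CAPE's or the page author's code."""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Hashes copied from the File Info block above; the sample itself is not included here.
IOC_HASHES = {
    "md5": "e88a1b5a1e0727a398fb4fb11a1e3338",
    "sha1": "982554bc9476761cea84a2fbea3fd3c7ae5bdd30",
    "sha256": "ee44b1f230abff14a86e066a3e88673e97d6f4c2a074b2f673a17089909804ce",
}

IMAGE_FILE_MACHINE_I386 = 0x14C
CLR_DIRECTORY_INDEX = 14          # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR


def hash_bytes(data: bytes) -> dict:
    """Return the same hash set CAPE prints in its File Info block."""
    return {
        "crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08X"),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def matches_ioc(data: bytes) -> bool:
    """True only if every listed hash matches, i.e. the file is byte-identical to the sample."""
    h = hash_bytes(data)
    return all(h[name] == value for name, value in IOC_HASHES.items())


def pe_summary(data: bytes) -> dict:
    """Read machine type, TimeDateStamp and CLR-header presence straight from the headers."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, _, ts, _, _, _, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories begin 96 bytes into a PE32 optional header, 112 into PE32+.
    dirs = opt + (96 if magic == 0x10B else 112)
    clr_rva, clr_size = struct.unpack_from("<II", data, dirs + CLR_DIRECTORY_INDEX * 8)
    return {
        "machine": hex(machine),
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "managed": clr_rva != 0 and clr_size != 0,
    }


def build_sample_pe(timestamp: int, managed: bool) -> bytes:
    """Constructed, non-runnable PE32 header for demonstration only (not the real sample)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                   # PE header right after DOS header
    opt_size = 96 + 16 * 8
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 0, timestamp, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    if managed:
        struct.pack_into("<II", opt, 96 + CLR_DIRECTORY_INDEX * 8, 0x2008, 0x48)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Pass a file path to triage it; with no argument the constructed header is used.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(1342219636, True)
    print("matches documented sample:", matches_ioc(blob))
    for k, v in {**hash_bytes(blob), **pe_summary(blob)}.items():
        print(f"{k}: {v}")
```

Run it as `python triage.py suspect.exe`; a `matches documented sample: True` line means the file is byte-identical to the one analysed here, while `managed: True` with `machine: 0x14c` is the usual picture for an AnyCPU .NET assembly and explains the MSIL/Kryptik verdicts.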

Malware.AI.4269275006 is also known as (vendor: detection name):

Lionic: Trojan.Win32.Lazy.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Lazy.288092
FireEye: Generic.mg.e88a1b5a1e0727a3
McAfee: Artemis!E88A1B5A1E07
Cylance: unsafe
VIPRE: Gen:Variant.Lazy.288092
Sangfor: Trojan.Win32.Kryptik.Veg3
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:MSIL/Kryptik.837c2a78
K7GW: Trojan ( 0059ec881 )
K7AntiVirus: Trojan ( 0059ec881 )
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/Kryptik.AHYZ
APEX: Malicious
BitDefender: Gen:Variant.Lazy.288092
Avast: Win32:Malware-gen
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Lazy.288092 (B)
GData: Gen:Variant.Lazy.288092
Avira: TR/Kryptik.hekeo
Antiy-AVL: Trojan/MSIL.Kryptik
Arcabit: Trojan.Lazy.D4655C
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Lazy.288092
MAX: malware (ai score=88)
Malwarebytes: Malware.AI.4269275006
TrendMicro-HouseCall: TROJ_GEN.R002H09C623
Rising: Trojan.Generic@AI.99 (RDML:Meby8eZeGKhjmhWjEQxyUw)
SentinelOne: Static AI – Suspicious PE
Fortinet: MSIL/Kryptik.AHYZ!tr
BitDefenderTheta: Gen:NN.ZexaF.36308.Qq0@amTwQKk
AVG: Win32:Malware-gen

How to remove Malware.AI.4269275006?

Malware.AI.4269275006 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.