Should I remove “Malware.AI.4269511978”?

Malware.AI.4269511978 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4269511978 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • A script process created a new process
  • Clears Windows events or logs

How to identify Malware.AI.4269511978?


File Info:

name: DB9ADA950A27E5F6CE92.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-02-24 19:03:26

Version Info:

0: [No Data]

Malware.AI.4269511978 also known as:

Lionic: Trojan.Win32.Generic.4!c
FireEye: Generic.mg.db9ada950a27e5f6
McAfee: Artemis!DB9ADA950A27
Cylance: Unsafe
Alibaba: TrojanDropper:Win32/dropper.ali1003001
K7GW: Trojan ( 005116a91 )
K7AntiVirus: Trojan ( 005116a91 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Generik.CLYTXAF
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: UDS:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.38809185
MicroWorld-eScan: Trojan.GenericKD.38809185
Tencent: Win32.Trojan.Generic.Wtxi
Ad-Aware: Trojan.GenericKD.38809185
Sophos: Mal/Generic-S
Comodo: Malware@#32ihbn4d8823j
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
Emsisoft: Trojan.GenericKD.38809185 (B)
Paloalto: generic.ml
GData: Trojan.GenericKD.38809185
Arcabit: Trojan.Generic.D2502E61
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Malware/Gen.Generic.C3125598
MAX: malware (ai score=88)
Malwarebytes: Malware.AI.4269511978
TrendMicro-HouseCall: TROJ_GEN.R002C0OAU22
AVG: Win32:Trojan-gen
Panda: Trj/CI.A

How to remove Malware.AI.4269511978?

Malware.AI.4269511978 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
