What is “Malware.AI.4270204586”?

Malware.AI.4270204586 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4270204586 virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.4270204586?


File Info:

name: C0724290259DE35B3697.mlw
path: /opt/CAPEv2/storage/binaries/028544f023a57fce1dea8f3971f7513ffed6f9654eeb613151f1353f72d7bfd9
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-06-12 08:51:05

Version Info:

FileVersion: 3.5.0.0
Comments: Created By Marco Allam
FileDescription: AMPAWsmasherX By Marco Allam
LegalCopyright: AMPAWsmasherX By Marco Allam
Translation: 0x0809 0x04b0

Malware.AI.4270204586 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Autoit.4!c
Elastic: malicious (high confidence)
Malwarebytes: Malware.AI.4270204586
ESET-NOD32: Win32/Packed.Autoit.D.Gen suspicious
APEX: Malicious
Alibaba: Packed:Win32/Generic.7deb4766
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Xcitium: Malware@#37kzmi7nscbhv
Cynet: Malicious (score: 100)
VBA32: Trojan.Autoit.F
Cylance: unsafe
Yandex: Worm.Autoit.Gen
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.216104583.susgen
Fortinet: PossibleThreat.vw
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.4270204586?

Malware.AI.4270204586 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
