
Malware.AI.4279934511 removal tips


Malware.AI.4279934511 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4279934511 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • NtSetInformationThread: attempt to hide thread from debugger
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • Anomalous binary characteristics

How to identify Malware.AI.4279934511?


File Info:

name: D442A1A8A8B98F57817E.mlw
path: /opt/CAPEv2/storage/binaries/248c2ed59d127b08447237ea2679c76a5d603a57b84b8457d45d139da528c57e
crc32: 9EC4A013
md5: d442a1a8a8b98f57817e88632cb1ccb0
sha1: 0cb7d34d3053df1051c41377996553b485fa60c7
sha256: 248c2ed59d127b08447237ea2679c76a5d603a57b84b8457d45d139da528c57e
sha512: aef862cbaaddab9ed4a2b4b3e19f38dd5b37c8b9e51330fa10219aa642bffa89b822d836929bc4c5919769c9b8b85fcbebd9939c8fa893a51ef8c51c9c5bf409
ssdeep: 768:liKk6qmWhGKTSDssZdLaZr3iiE9BBlivKxKWmhJ3x0ww5ChK0zfJLWxdY2o:lJRBeGKTwLaFiii+ABm85V6JL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10BC3010DA6E7B3B5E705D730EE94A9BD0383621DF0C68A8B9DC4CFEE4D29857048E546
sha3_384: 232f2293bee138c44de765c03e1fbccdb074866fc995a9ce288f89ecf302efba75828cf6e87d910ea7520465817d3789
ep_bytes: 5589e583ec08c7042402000000ff156c
timestamp: 2012-12-19 20:20:09

Version Info:

CompanyName:
FileVersion:
FileDescription:
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename:
ProductName:
ProductVersion:
Translation: 0x041c 0x04e4

Malware.AI.4279934511 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.946
Cynet: Malicious (score: 100)
FireEye: Generic.mg.d442a1a8a8b98f57
CAT-QuickHeal: Trojan.Ransom.A
McAfee: Injection Dropper.B
Cylance: Unsafe
Zillya: Trojan.Jorik.Win32.186390
Sangfor: Trojan.Win32.Mingc.1
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: VirTool:Win32/CeeInject.94791a76
K7GW: Trojan ( 0040f03f1 )
K7AntiVirus: Trojan ( 0040f03f1 )
BitDefenderTheta: Gen:NN.ZexaF.34182.hC0@aixrjQmi
Cyren: W32/Zbot.IF.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.AALE
TrendMicro-HouseCall: TROJ_CINJECT.SMA
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.91405
NANO-Antivirus: Trojan.Win32.Stealer.bgacnd
SUPERAntiSpyware: Trojan.Agent/Gen-PWS
MicroWorld-eScan: Gen:Variant.Fugrafa.91405
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.11493476
Emsisoft: Gen:Variant.Fugrafa.91405 (B)
Comodo: TrojWare.Win32.PWS.ZBot.ATB@4sozjf
VIPRE: Trojan.Win32.Reveton.a (v)
TrendMicro: TROJ_CINJECT.SMA
McAfee-GW-Edition: BehavesLike.Win32.Kudj.ch
Sophos: ML/PE-A + Mal/Zbot-IQ
Ikarus: Trojan-Spy.Win32.Zbot
Jiangmin: Trojan/Yakes.iur
Webroot: Trojan.Dropper.Gen
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.18DB31
Microsoft: PWS:Win32/Fareit
GData: Gen:Variant.Fugrafa.91405
AhnLab-V3: Spyware/Win32.Zbot.R47129
VBA32: Trojan.EA.01671
ALYac: Gen:Variant.Fugrafa.91405
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.4279934511
APEX: Malicious
Rising: Trojan.Mingc!1.660C (CLOUD)
Yandex: Trojan.Agent!+r0yUETclVc
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.5002097.susgen
Fortinet: W32/Zbot.AAU!tr
AVG: Win32:Malware-gen
Cybereason: malicious.8a8b98
Panda: Trj/Zbot.M

How to remove Malware.AI.4279934511?

Malware.AI.4279934511 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
