Malware.AI.4281122860 removal tips

Malware.AI.4281122860 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4281122860 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Binary compilation timestomping detected

Related domains:

wpad.local-net

How to identify Malware.AI.4281122860?

File Info:

name: E155733BF3297BEEA68F.mlw
path: /opt/CAPEv2/storage/binaries/d1f4a5f0d23a718d4e1d8a6421e645a142c34b7243556f747b828e7e4df57636
crc32: 7FB8BC8C
md5: e155733bf3297beea68fb9456b95b8c9
sha1: 7585429595620aab2556ec085a55b3a5908c67d2
sha256: d1f4a5f0d23a718d4e1d8a6421e645a142c34b7243556f747b828e7e4df57636
sha512: ace2da4ce27aa9e0fce8eb4484ff71db251722ef1acf8efd9c8719b8619b61b4c81ee668a941565083d63cf9eab574c7b15a968286083a57c12915dbfa608fad
ssdeep: 98304:URW8EoUMnIkdo+qdKgMAXTZ74YcmTimT:URXUMI+DqnMAX97zcSiS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12D26E159B788781BD877813786627636228D4C68AB21D3C31848B33C59F7FE85B46FC6
sha3_384: 4c8fbd01b86184ae3cb8cbbb33e682413b8359c7e28874a560c9bb36778ceac78aa052ab5f8210f479d1c032dcb65d4a
ep_bytes: ff250020400000000000000000000000
timestamp: 2056-11-25 16:22:57

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: CNC
FileVersion: 1.0.0.2
InternalName: CNC.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: CNC.exe
ProductName: CNC
ProductVersion: 1.0.0.2
Assembly Version: 1.0.0.2

Malware.AI.4281122860 is also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.MSILHeracles.26968
FireEye: Gen:Variant.MSILHeracles.26968
ESET-NOD32: Win64/Rootkit.Agent.AC
APEX: Malicious
Kaspersky: Rootkit.Win64.Agent.bhc
BitDefender: Gen:Variant.MSILHeracles.26968
Avast: Win32:MalwareX-gen [Trj]
Ad-Aware: Gen:Variant.MSILHeracles.26968
Emsisoft: Gen:Variant.MSILHeracles.26968 (B)
DrWeb: Trojan.BtcMine.1580
GData: Gen:Variant.MSILHeracles.26968
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ALYac: Gen:Variant.MSILHeracles.26968
MAX: malware (ai score=83)
VBA32: Trojan.BtcMine
Malwarebytes: Malware.AI.4281122860
SentinelOne: Static AI – Malicious PE
AVG: Win32:MalwareX-gen [Trj]
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.4281122860?

Malware.AI.4281122860 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.