Malware.AI.4281529159 (file analysis)

Malware.AI.4281529159 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
6-day free trial available.

What can the Malware.AI.4281529159 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Arabic (Algeria)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.4281529159?

File Info:

name: EB02E7180A5BFA65E65E.mlw
path: /opt/CAPEv2/storage/binaries/5436784935729e7f8a249c9a00d17988162259efa536b3e150bc7a2dc231970c
crc32: F5050002
md5: eb02e7180a5bfa65e65eb0d3d5bbfa6e
sha1: df07ba1b1d3068d952863aee28af6af30a71a210
sha256: 5436784935729e7f8a249c9a00d17988162259efa536b3e150bc7a2dc231970c
sha512: 47906603a16e3619f8df2a4d4dc9028b71844bbede0da0cb1d582062002271af7e530ab852d615776fe23aa564db73ad1505b6d611888b1e916d443048a0adca
ssdeep: 49152:qnV9xaxFe6iRyhJ3jkqQVSfWVXqASv1x1dKO/5t7WGiocfGJDcjQcy20RHrzKgiR:qnV9xHSjL+EnHOMz5ysZA5+bf6c
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17956D05675EBC1A5C85204B509ED97F2093F2A955913886D6FE00E8E0FBF4CB2A6133F
sha3_384: 41be12c88b77ae3115481135c1574c13386da3eb47cc170f12623f3097a6eced21d01c2853844b9df51bac8ab6665438
ep_bytes: 558bec83c4f0b81c864800e8f4d9f7ff
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: Steganos Software GmbH
FileDescription: Steganos Shredder
Translation: 0x0409 0x04e4

Malware.AI.4281529159 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Zusy.440014
ClamAV: Win.Packed.Generickdz-9948392-0
ALYac: Gen:Variant.Zusy.440014
Cylance: Unsafe
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik.GBCO
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Agentb.gen
BitDefender: Gen:Variant.Zusy.440014
Ad-Aware: Gen:Variant.Zusy.440014
Emsisoft: Gen:Variant.Zusy.440014 (B)
FireEye: Generic.mg.eb02e7180a5bfa65
GData: Gen:Variant.Zusy.440014
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.813F
Arcabit: Trojan.Zusy.D6B6CE
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: GenericRXUK-SU!EB02E7180A5B
VBA32: Malware-Cryptor.Limpopo
Malwarebytes: Malware.AI.4281529159
Rising: Trojan.Generic@AI.100 (RDML:4Z11UK5VdVNiDNeOgkGREA)
Ikarus: Trojan.Win32.Rozena
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.FSCS!tr
BitDefenderTheta: Gen:NN.ZelphiF.34726.@J0@aWz!t@iO
AVG: Win32:CrypterX-gen [Trj]
Cybereason: malicious.b1d306
Avast: Win32:CrypterX-gen [Trj]

How to remove Malware.AI.4281529159?

Malware.AI.4281529159 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.