Malware.AI.428392752 malicious file

Malware.AI.428392752 is classified as dangerous by many security vendors. While this infection is active, you may notice unfamiliar processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cure of your PC.
6-day free trial available.

What Malware.AI.428392752 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Sample contains Overlay data
  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Malware.AI.428392752?

File Info:

name: F7741CA1D042F0F30991.mlw
path: /opt/CAPEv2/storage/binaries/7a99613f16332782ef46692d1d2aa9f18b045cb5d368b02811b34eab1d2bbece
crc32: 5CF76E6D
md5: f7741ca1d042f0f309916ad476e60e32
sha1: 4d9ee75918ba69bb9ce5704cfc1231276e95e98e
sha256: 7a99613f16332782ef46692d1d2aa9f18b045cb5d368b02811b34eab1d2bbece
sha512: bfef37927926191d84e1db9f551ae8c6dea5f7832b578d6b2df3aebf652905716fe2d7cf1a0c146be3d7d89369980aef6fbabeeef9e540d3a0a37398c5c7ea4d
ssdeep: 12288:Y5JK9wGnZERtQEibpUSwVpyFzjL/cpi55WGldMEKfov2Y0uAmDuU/22lTlpf:WJK9PnZ2IoydvrdkfoOY0u4U/jtf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A0F49E22B7D2C07AC57330310A96E76955BABDB05B3246C7B3882B3E1F741E16D3D16A
sha3_384: 3ff18c17b945ff220f149825d8dd0eabf40d269b1f6a6f771b755b49fbd1bc14b3a980fcd56bca72c710bd819159b1d2
ep_bytes: e8695e0000e979feffff3b0d30264900
timestamp: 2015-02-04 09:29:10

Version Info:

CompanyName: TODO:
FileDescription: SHExplorer
FileVersion: 1.0.0.3
InternalName: WBrowser.exe
LegalCopyright: TODO: (C) 。保留所有权利。
OriginalFilename: WBrowser.exe
ProductName: TODO:
ProductVersion: 1.0.0.3
Translation: 0x0804 0x03a8

Malware.AI.428392752 also known as:

Bkav: W32.AIDetect.malware1
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Graftor.184758
ALYac: Gen:Variant.Graftor.184758
Cylance: Unsafe
Zillya: Rootkit.Agent.Win32.15645
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004be1121 )
K7GW: Trojan ( 004be1121 )
Cybereason: malicious.1d042f
Baidu: Win32.Adware.Generic.cd
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Sfuzuan.N
APEX: Malicious
ClamAV: Win.Trojan.Agent-1347580
Kaspersky: Rootkit.Win32.Agent.ehck
BitDefender: Gen:Variant.Graftor.184758
NANO-Antivirus: Trojan.Win32.Agent.dscisa
Avast: Win32:GenMaliciousA-KVX [Trj]
Tencent: Malware.Win32.Gencirc.10b0c271
Ad-Aware: Gen:Variant.Graftor.184758
Emsisoft: Gen:Variant.Graftor.184758 (B)
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.Siggen6.36479
VIPRE: Gen:Variant.Graftor.184758
McAfee-GW-Edition: BehavesLike.Win32.Generic.bh
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.f7741ca1d042f0f3
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Graftor.184758
Jiangmin: TrojanSpy.Agent.xjk
Avira: TR/Sfuzuan.bzeu
Antiy-AVL: Trojan/Generic.ASMalwS.3C54
Arcabit: Trojan.Graftor.D2D1B6
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Backdoor/Win.Agent.R499974
McAfee: GenericRXSQ-QN!F7741CA1D042
MAX: malware (ai score=89)
VBA32: TrojanSpy.Agent
Malwarebytes: Malware.AI.428392752
Rising: Trojan.Win32.Generic.18C08AA4 (C64:YzY0OoLAn1s4gYH2)
Yandex: Rootkit.Agent!xbwEgAzL/7U
Ikarus: Trojan.Spy.Agent
Fortinet: W32/Sfuzuan.N!tr
BitDefenderTheta: Gen:NN.ZexaF.34806.Vu1@aWokPfnj
AVG: Win32:GenMaliciousA-KVX [Trj]
Panda: Trj/Genetic.gen

How to remove Malware.AI.428392752?

Malware.AI.428392752 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.