
About “Malware.AI.4284573621” infection

Malware Removal

Malware.AI.4284573621 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4284573621 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Expresses interest in specific running processes
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid

How to identify Malware.AI.4284573621?

File Info:

name: DC4340CCC4FAC15D5073.mlw
path: /opt/CAPEv2/storage/binaries/d0dfd08edf7cd3ea3374d200a12eb39e52412efa060762b2b8cbe5fbd262fd47
crc32: 9318BB45
md5: dc4340ccc4fac15d5073f1286fd39f3b
sha1: 8a6a1e3cfefc9fe8734e5ac3daec677f8be39c01
sha256: d0dfd08edf7cd3ea3374d200a12eb39e52412efa060762b2b8cbe5fbd262fd47
sha512: ce72fceed29525b81692d92bab4a7f2159846b912b1d6a360902f8894626ad95a6f7860564a9bbffdfc199db9df1507ef7093c4abb6ee8a47efca3db0891106c
ssdeep: 98304:mN3XwRzLiVbnmPLb8P9UEMOW+dl9R6mtp/fWNtq3pDR7:kXwTH+3/pp/fWNtcNB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D0F58D21BD5048B6FE2302314988FB74E5ED75F45BF945C77268AA2C2E359C3CA2C16B
sha3_384: 3c694768f95d8144835cc1ff2e99ee152beabb9bd39a9805b09967a10bcb3659fd2bba515281828e8738b53ce0391368
ep_bytes: e8e50d0000e935feffffc20000558bec
timestamp: 2022-06-07 08:05:23

Version Info:

Comments:
CompanyName:
FileDescription:
FileVersion: 1, 0, 0, 1
InternalName: ngpup
LegalCopyright: Copyright (C) 2017
LegalTrademarks:
OriginalFilename: ngpup.EXE
PrivateBuild:
ProductName:
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0412 0x04b0

Malware.AI.4284573621 also known as:

Lionic: Trojan.Win32.Jatif.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.49224424
FireEye: Trojan.GenericKD.49224424
ALYac: Trojan.GenericKD.49224424
Cylance: Unsafe
Cyren: W32/ABRisk.LXNU-7883
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.49224424
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Trojan.GenericKD.49224424
Emsisoft: Trojan.GenericKD.49224424 (B)
McAfee-GW-Edition: GenericRXPO-EO!DC4340CCC4FA
GData: Trojan.GenericKD.49224424
MAX: malware (ai score=80)
Arcabit: Trojan.Generic.D2EF1AE8
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win.Generic.C5057158
McAfee: GenericRXPO-EO!DC4340CCC4FA
VBA32: BScope.Trojan.Adkor
Malwarebytes: Malware.AI.4284573621
TrendMicro-HouseCall: TROJ_GEN.R03BH0CFP22
MaxSecure: Trojan.Malware.180164280.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/grayware_confidence_60% (D)

How to remove Malware.AI.4284573621?

Malware.AI.4284573621 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
