Malware.AI.4286480773 removal instruction

Malware.AI.4286480773 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4286480773 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Anomalous file deletion behavior detected (10+)
  • Use of guard pages detected (possible anti-debugging)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Checks for the presence of known windows from debuggers and forensic tools
  • Modifies boot configuration settings
  • Installs itself for autorun at Windows startup
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.4286480773?

File Info:

name: 678693046AA032E78511.mlw
path: /opt/CAPEv2/storage/binaries/dd65c73380794febd4a2c9a99dde161a79b4984becab82dccc5ad89245b7017f
crc32: 74D857BA
md5: 678693046aa032e785119b7e2464acd9
sha1: 963f37a0222f2d183ee47065ae86a69d71d0c388
sha256: dd65c73380794febd4a2c9a99dde161a79b4984becab82dccc5ad89245b7017f
sha512: 6249b7a2e256edfac903351cc8d8685e708103461f83eec07fbb87b29085915c10a4d758d0dbb4a9208feef85531aa6e950bef34acbfe9588c185f632f4c0004
ssdeep: 3072:cwXydKWaFApjdMLzeNz97pTkUjPkZOf6LIMTGyZCsoG49a43bh8xNL:7idKWaFYj4zDU6L4yZf49V8r
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T16BF35A80D3E99249F5F71B70D8BA62994D76BE62A829C64E0A540C4D0A31F0C9D7FF37
sha3_384: e6a5c51d8d12d179ffd3edc9486a1681d1a352fc76baba15b33884627ae90e650d49ed3621f3cc907f81e86780866f1e
ep_bytes: 558bec6aff686083400068b07c400064
timestamp: 2019-02-21 17:00:00

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z Sletup SFX small
FileVersion: 19.00
InternalName: 7zS2.sfx
LegalCopyright: Igor Pavlov : Public domain
OriginalFilename: 7zS2.sfx.exe
ProductName: 7-Zip
ProductVersion: 19.00
Translation: 0x0409 0x04b0

Malware.AI.4286480773 also known as:

Lionic: Trojan.Win32.Convagent.i!c
MicroWorld-eScan: Trojan.GenericKD.38192589
McAfee: RDN/Generic PWS.y
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.2557217
K7AntiVirus: Trojan ( 0058a8681 )
Alibaba: Trojan:Win32/Generic.baee6d60
K7GW: Trojan ( 0058a8681 )
ESET-NOD32: a variant of Generik.NBALEHE
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Agent.xalesb
BitDefender: Trojan.GenericKD.38192589
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.38192589
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Agent.miath
TrendMicro: TROJ_GEN.R067C0WL821
McAfee-GW-Edition: RDN/Generic PWS.y
FireEye: Trojan.GenericKD.38192589
Emsisoft: Trojan.GenericKD.38192589 (B)
Ikarus: Trojan.Win32.Krypt
GData: Trojan.GenericKD.38192589
Jiangmin: Trojan.Agent.drjm
Avira: TR/Agent.miath
Antiy-AVL: Trojan/Win32.Generic
Kingsoft: Win32.Troj.Agent.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D246C5CD
ViRobot: Trojan.Win32.Z.Agent.165090
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.C4788874
VBA32: TrojanPSW.Convagent
ALYac: Trojan.GenericKD.38192589
MAX: malware (ai score=84)
Malwarebytes: Malware.AI.4286480773
TrendMicro-HouseCall: TROJ_GEN.R067C0WL821
Fortinet: Malicious_Behavior.SB
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Malware.AI.4286480773?

Malware.AI.4286480773 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.