
Malware.AI.4289120399 removal instructions


Malware.AI.4289120399 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4289120399 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the VMProtectStub malware family
  • Anomalous binary characteristics

How to identify Malware.AI.4289120399?

File Info:

name: A6C9AF1A11EC87262E10.mlw
path: /opt/CAPEv2/storage/binaries/a24c7a80bbdfc95bb08f878f61f542218741b5f657b52a2099594d6d7fffcb21
crc32: EA071163
md5: a6c9af1a11ec87262e10764c4534f2c9
sha1: e10932ff986beeaf059dd7030f93a5c6ad59b65d
sha256: a24c7a80bbdfc95bb08f878f61f542218741b5f657b52a2099594d6d7fffcb21
sha512: 25a258cf22ec432ee205c6adcfdb51ae938f8c846061d04ce597415b85ceb45cff825518f637ff8cbae18176ef3cc0d218264ba5fe4e5dc59072316994dc4927
ssdeep: 49152:pb/JWi99QluAv0ivP2RBYeSGsaNNG2UET5HSiPyQBtkLgohjgqC1qBpfQxnalyTL:p7JWimxFvP2vWYGxniPkfjaqMRalyur+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ADD5337239449D14DEDA4737CE2B580D81334F93D6DD1B329E41BA9CAF12B16B9E8238
sha3_384: 5fa6ad80d56a412f411180b8244213811f077b0753ebc8722a673a1fed2e91d7f2c6889eebb1e6baa9d48fcba11b2f3a
ep_bytes: 9ce8b84a2700000043616c6c4e657874
timestamp: 2012-08-25 12:38:39

Version Info:

CompanyName: LEGEND网络
FileDescription:
FileVersion: 1.9.6.1
InternalName: LoginTool.exe
LegalCopyright: LEGEND网络
LegalTrademarks:
OriginalFilename: LoginTool.exe
ProductName: LoginTool.exe
ProductVersion: 1.9.6.1
Comments:
Translation: 0x0804 0x03a8

Malware.AI.4289120399 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Hacktool.Win32.Gamehack.3!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Password-Stealer ( 0049ec661 )
Alibaba: HackTool:Win32/Legendmir.f1f1e21e
K7GW: Password-Stealer ( 0049ec661 )
Cybereason: malicious.f986be
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/PSW.Legendmir.NKR
APEX: Malicious
ClamAV: Win.Trojan.Kazy-8337
Kaspersky: HackTool.Win32.Gamehack.bqa
NANO-Antivirus: Trojan.Win32.Crossrider.dvtoid
SUPERAntiSpyware: Trojan.Agent/Gen-DelfInject
Avast: Win32:Evo-gen [Trj]
TACHYON: Trojan/W32.Gamehack.2933332
Comodo: Virus.Win32.Virut.CE@1fhkga
F-Secure: Heuristic.HEUR/AGEN.1242903
Zillya: Trojan.Legendmir.Win32.2286
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
FireEye: Generic.mg.a6c9af1a11ec8726
Sophos: Generic PUA OB (PUA)
SentinelOne: Static AI – Suspicious PE
Jiangmin: RiskTool.Generic.pdf
Avira: HEUR/AGEN.1242903
Antiy-AVL: Trojan/Generic.ASMalwS.40
Kingsoft: Win32.Troj.Agent.uu.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HackTool.Win32.Gamehack.bqa
Google: Detected
McAfee: GenericRXAA-FA!A6C9AF1A11EC
VBA32: Adware.Creprote
Malwarebytes: Malware.AI.4289120399
Rising: Trojan.Generic@AI.94 (RDML:FITLuOM/NTpvVFTANjJwLw)
Yandex: Trojan.GenAsa!aNHM2zg3FDY
Ikarus: Trojan.Win32.PSW
MaxSecure: Virus.WIN32.RiskTool.Generic_224116
AVG: Win32:Evo-gen [Trj]

How to remove Malware.AI.4289120399?

Malware.AI.4289120399 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Press “Move to quarantine” for all detected items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
