Malware.AI.4294948060 malicious file

Malware.AI.4294948060 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.4294948060 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Expresses interest in specific running processes
  • The binary likely contains encrypted or compressed data.
  • Checks for the presence of known windows from debuggers and forensic tools
  • The following process appears to have been packed with Themida: rundll32.exe
  • Network activity detected but not expressed in API logs
  • Checks for the presence of known devices from debuggers and forensic tools
  • Detects the presence of the Wine emulator via a registry key
  • Checks the BIOS version, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key
  • Anomalous binary characteristics

How to determine Malware.AI.4294948060?

File Info:

crc32: 3EB39CF4
md5: 3e10e5ede0259f6d85b725eda57d2f4d
name: 3E10E5EDE0259F6D85B725EDA57D2F4D.mlw
sha1: dfd058f8298e9690de1fae3d9381081ec0363a7a
sha256: aa3bfe0b75997da9693f303aa5a6b4d9d9aeeba96b3cfe094dc5d7c671489ed7
sha512: f66375d138b72d467f30be099e7425f54b161e979dbc2a4dbdad120ea51beceee52d575a629d4f1a1f1863c132755142c4a197e8c7f5bbc5ccecf49f3638705d
ssdeep: 49152:caXpkS1AMNApAWsQhTAtgosirELaDjHuHTnw1BHXmQXxJF0S:cISWAMSTsQmtgosir26jHuz49XjX/z
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: version
FileVersion: 5.1.2600.5512 (xpsp.080413-2105)
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
ProductVersion: 5.1.2600.5512
FileDescription: Version Checking and File Installation Libraries
OriginalFilename: VERSION.DLL
Translation: 0x0409 0x04b0

Malware.AI.4294948060 also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Gamania.34950
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Wacatac
ALYac: Gen:Trojan.Heur.@z8auikP3iai
Cylance: Unsafe
Zillya: Trojan.Themida.Win32.65088
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/FakeMS.a9ec070c
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Cyren: W32/Patched.P.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Themida.HFL
APEX: Malicious
Avast: Win32:Malware-gen
BitDefender: Gen:Trojan.Heur.@z8auikP3iai
NANO-Antivirus: Trojan.Win32.Gamania.higqnj
MicroWorld-eScan: Gen:Trojan.Heur.@z8auikP3iai
Tencent: Win32.Trojan.Crypt.Lkno
Ad-Aware: Gen:Trojan.Heur.@z8auikP3iai
Sophos: Mal/Generic-R + Mal/FakeMS-X
BitDefenderTheta: AI:Packer.BA75733A1C
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0DDN21
FireEye: Generic.mg.3e10e5ede0259f6d
Emsisoft: Gen:Trojan.Heur.@z8auikP3iai (B)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.FKM.Gen
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.303C822
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:MSIL/Cryptor
Gridinsoft: Trojan.Heur!.038100A0
Arcabit: Trojan.Heur.EDB050
AegisLab: Trojan.Win32.Malicious.4!c
GData: Gen:Trojan.Heur.@z8auikP3iai
VBA32: TrojanPSW.Gamania
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.4294948060
Panda: Trj/Agent.AJS
TrendMicro-HouseCall: TROJ_GEN.R002C0DDN21
Rising: Trojan.Occamy!8.F1CD (CLOUD)
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.82435196.susgen
Fortinet: W32/FakeMS.X!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Malware.AI.4294948060?

Malware.AI.4294948060 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.