Malware.AI.554335785 removal guide

Malware.AI.554335785 is the Malwarebytes detection name for this sample; most other antivirus engines flag the same file under their own names (see the detection list below). While the infection is active you may notice unknown processes in the Task Manager list. If you do, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial period allows a full scan and clean-up.
6-day free trial available.

What can Malware.AI.554335785 do?

The CAPE sandbox report for this sample raised the following signatures:

  • YARA rule matches in a process memory dump, in dropped files, or in CAPE's own output
  • Possible expiry check: the process reads the local time and exits shortly afterwards
  • Dynamic (imported) function loading: APIs are resolved at run time rather than through the import table
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data
  • The Authenticode signature is invalid
  • Binary compilation timestomping: the PE compile timestamp (2040-10-06, see File Info below) lies in the future

How to identify Malware.AI.554335785?

The hashes and version information below come from the CAPE sandbox report and can be used to match the sample. Note that the version resource claims CompanyName "Microsoft", yet the Authenticode signature is invalid and the compile timestamp is in the future, so treat the metadata as forged.

File Info:

name: 5EC1EF796A728286AF32.mlw
path: /opt/CAPEv2/storage/binaries/10f53c5e4e8e8c1595c48e7ca874c0b55e89cf5d8d836a876a55ab32d6365447
crc32: 9CA4A99E
md5: 5ec1ef796a728286af3219c67b9a56e9
sha1: 17677874bd77090564df70b732829c17a9404d67
sha256: 10f53c5e4e8e8c1595c48e7ca874c0b55e89cf5d8d836a876a55ab32d6365447
sha512: 793c09f920a28c34cec6027f7aa9b672a78aa266d71e406eee644b80e7ea4608875ac03382e72b7bf88ba6aefd306895cfb2cc64261c40babf3021b3d031cb21
ssdeep: 12288:yRbWAYtv/hj0rSHWHjl5/cwpB6N7OkiUujgm4oGEOB4VMzxP8ejMxn:UWBdh4D/cwp2TuUm4oOV8Bxn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2E4E020B2F94B65D67BA7F64631110427F67E652531E20E0CEAB4EB25B3F800A74F97
sha3_384: d18f474a2ced5317262dd0b75b1ebb8281b805c98ec2e70c561d39b07d6c17db4fe1e3535e7fdc7e81b6630b34f8263d
ep_bytes: ff250020400000000000000000000000
timestamp: 2040-10-06 00:06:27

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Microsoft
FileDescription: Lite Extraction
FileVersion: 1.0.0.0
InternalName: ISurrogateSelec.exe
LegalCopyright: Copyright © 2020 - 2022
LegalTrademarks:
OriginalFilename: ISurrogateSelec.exe
ProductName: Lite Extraction
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0
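The indicators above can be checked directly with a small script. The following is an added example, not code from GridinSoft or from the CAPE sandbox that produced the report. It parses a PE32 header with the Python standard library, flags a compile timestamp in the future (the timestomping finding; the listed 2040-10-06 timestamp is well ahead of the 2020 - 2022 copyright in the version resource), flags an `ff 25` jmp-through-IAT entry stub (the native entry point of a 32-bit .NET image, consistent with the MSIL detection names below), and compares the file's sha256 with the one listed. The function and constant names (`parse_pe`, `triage`, `build_sample_pe`, `KNOWN_SHA256`) are my own, and `build_sample_pe` constructs a minimal synthetic PE for the demo in place of the real sample.

```python
"""Static triage of the indicators listed above.

Added example, not GridinSoft's or CAPE's code. It parses just enough of a
PE32 header (stdlib only) to recover the two fields the page cites, the COFF
compile timestamp and the bytes at the entry point, and flags the matching
sandbox findings: a compile timestamp in the future (timestomping) and the
`ff 25` jmp-through-IAT stub that a 32-bit .NET executable exposes as its
native entry point. build_sample_pe() constructs a synthetic PE for the demo;
it is not the real sample.
"""
import hashlib
import struct
from datetime import datetime, timezone

# Indicators copied from the File Info block above.
KNOWN_SHA256 = "10f53c5e4e8e8c1595c48e7ca874c0b55e89cf5d8d836a876a55ab32d6365447"
PAGE_EP_BYTES = bytes.fromhex("ff250020400000000000000000000000")
PAGE_TIMESTAMP = int(datetime(2040, 10, 6, 0, 6, 27, tzinfo=timezone.utc).timestamp())


def parse_pe(data: bytes) -> dict:
    """Return machine type, TimeDateStamp, entry point RVA and 16 bytes at the entry point."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER
    machine, nsections, timestamp = struct.unpack_from("<HHI", data, coff)
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20                           # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # Walk the section table to map the entry RVA to a file offset.
    ep_bytes = b""
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, hdr + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)
            ep_bytes = data[off:off + 16]
            break
    return {"machine": machine, "magic": magic, "timestamp": timestamp,
            "entry_rva": entry_rva, "ep_bytes": ep_bytes}


def triage(data: bytes, now=None) -> dict:
    """Apply the static checks from the sandbox report to an in-memory PE image."""
    now = now or datetime.now(timezone.utc)
    info = parse_pe(data)
    compiled = datetime.fromtimestamp(info["timestamp"], tz=timezone.utc)
    return {
        "sha256_match": hashlib.sha256(data).hexdigest() == KNOWN_SHA256,
        # A zero or future compile time means the timestamp was tampered with.
        "timestomped": info["timestamp"] == 0 or compiled > now,
        # jmp dword ptr [imm32]: native stub of a PE32 CLR image jumping to _CorExeMain.
        "clr_entry_stub": info["ep_bytes"][:2] == b"\xff\x25",
        "compiled": compiled.strftime("%Y-%m-%d %H:%M:%S"),
    }


def build_sample_pe(timestamp: int, ep_bytes: bytes) -> bytes:
    """Construct a minimal PE32 image with one .text section (demo input, not a real file)."""
    e_lfanew, opt_size, entry_rva, raw_ptr = 0x40, 224, 0x2000, 0x200
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<HBBIIII", 0x10B, 6, 0, 0x200, 0, 0, entry_rva)
    opt += b"\0" * (opt_size - len(opt))
    section = b".text\0\0\0" + struct.pack(
        "<IIIIIIHHI", 0x200, entry_rva, 0x200, raw_ptr, 0, 0, 0, 0, 0x60000020)
    header = dos + b"PE\0\0" + coff + opt + section
    header += b"\0" * (raw_ptr - len(header))
    return header + ep_bytes + b"\0" * (0x200 - len(ep_bytes))


def demo(now=None) -> dict:
    """Run the checks against a synthetic PE carrying the page's timestamp and entry bytes."""
    return triage(build_sample_pe(PAGE_TIMESTAMP, PAGE_EP_BYTES), now)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Against a real file, read it with `open(path, "rb").read()` and pass the bytes to `triage`; the sha256 check is the only one that identifies this specific sample, while the timestamp and entry stub checks are generic tells worth applying to any unknown PE32 that claims to be from Microsoft.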

Detection names used by other vendors for Malware.AI.554335785:

  • Bkav: W32.AIDetectNet.01
  • Elastic: malicious (high confidence)
  • McAfee: Artemis!5EC1EF796A72
  • Malwarebytes: Malware.AI.554335785
  • K7AntiVirus: Riskware ( 00584baa1 )
  • BitDefender: Trojan.GenericKD.48926011
  • K7GW: Riskware ( 00584baa1 )
  • Cyren: W32/MSIL_Kryptik.HCA.gen!Eldorado
  • Symantec: Scr.Malcode!gdn30
  • tehtris: Generic.Malware
  • ESET-NOD32: a variant of MSIL/Kryptik.AEWW
  • APEX: Malicious
  • Avast: Win32:PWSX-gen [Trj]
  • Cynet: Malicious (score: 100)
  • Kaspersky: HEUR:Trojan-Spy.MSIL.Noon.gen
  • MicroWorld-eScan: Trojan.GenericKD.48926011
  • Rising: Trojan.Generic/MSIL@AI.96 (RDM.MSIL:HV+KHnWfed7xN6JHvh3iBg)
  • Ad-Aware: Trojan.GenericKD.48926011
  • Sophos: ML/PE-A
  • F-Secure: Trojan.TR/AD.Swotter.wrdcy
  • McAfee-GW-Edition: Artemis!Trojan
  • FireEye: Generic.mg.5ec1ef796a728286
  • Emsisoft: Trojan.GenericKD.48926011 (B)
  • SentinelOne: Static AI - Malicious PE
  • Avira: TR/Dropper.Gen
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • GData: Trojan.GenericKD.48926011
  • AhnLab-V3: Trojan/Win.PWSX-gen.C5100587
  • MAX: malware (ai score=84)
  • Cylance: Unsafe
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: MSIL/Kryptik.AEWA!tr
  • AVG: Win32:PWSX-gen [Trj]
  • CrowdStrike: win/malicious_confidence_60% (D)

How to remove Malware.AI.554335785?

Malware.AI.554335785 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart the computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
