About “Malware.AI.608641659” infection

Malware.AI.608641659 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.608641659 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a service that was not started
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.608641659?

File Info:

name: 288F234A3F3F0467FAFE.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-12-22 17:21:38

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: BITResorator Setup
FileVersion:
LegalCopyright:
ProductName: BITResorator
ProductVersion: 1.2.2.2
Translation: 0x0000 0x04b0

Malware.AI.608641659 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Ekstak.4!c
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.wc
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vxcr
K7AntiVirus: Trojan ( 005722f11 )
Alibaba: TrojanDropper:Win32/Ekstak.0fd030d0
K7GW: Trojan ( 005722f11 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: UDS:Trojan.Win32.Ekstak.gen
DrWeb: Trojan.Siggen22.48632
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Dropper.Win32.Agent
ZoneAlarm: UDS:Trojan.Win32.Ekstak.gen
Varist: W32/Agent.NFDP-7001
McAfee: Artemis!288F234A3F3F
DeepInstinct: MALICIOUS
Malwarebytes: Malware.AI.608641659
Fortinet: W32/Agent.SLC!tr

How to remove Malware.AI.608641659?

Malware.AI.608641659 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.