
What is “Malware.AI.730912879”?


Malware.AI.730912879 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.730912879 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Attempts to remove evidence of file being downloaded from the Internet
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Creates a copy of itself
  • Appends a known CryptoShield ransomware file extension to files that have been encrypted
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Malware.AI.730912879?


File Info:

crc32: F3124583
md5: 1abc8513a971e5c08be46f7aaaad1ab5
name: 1ABC8513A971E5C08BE46F7AAAAD1AB5.mlw
sha1: 785b767c78615feb813796bf8e27f8819a5f3e12
sha256: a73c0538ad23bf6b092e6109d990802fefe549b0532bf39dc704a88198b8eebb
sha512: 809c582720bc3b167d1301f9cbacef9eb8050790d3095009117101751e54f124539896f5958a5fcbb03cc38c49914fb45256db8eac9ddfa28f80c6a3df2f4bc8
ssdeep: 1536:+O77NZZHLn6P2UwhyrnVFKH8d4D0dc8GuRY9TqNORnlmTwH/0h2IVzWv:+2ZZZbU+Kjo8zO8nYlqNslxH/0h2IVk
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2017
InternalName: ScreenSmart
FileVersion: 11,3 0, 10, 11
CompanyName: SmartScreen Corporations(C)
ProductVersion: 11,3 0, 10, 11
FileDescription: ScreenSmart
OriginalFilename: ScreenSmart
Translation: 0x0014 0x04e2

Malware.AI.730912879 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0056e7311 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader23.51964
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Hydracrypt.A5
ALYac: Gen:Variant.Ransom.HydraCrypt.19
Cylance: Unsafe
Zillya: Dropper.Sysn.Win32.5948
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/generic.ali2000010
K7GW: Trojan ( 0056e7311 )
Cybereason: malicious.3a971e
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.FNWK
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ransom.HydraCrypt.19
NANO-Antivirus: Trojan.Win32.Sysn.elhxdx
MicroWorld-eScan: Gen:Variant.Ransom.HydraCrypt.19
Tencent: Malware.Win32.Gencirc.11494de9
Ad-Aware: Gen:Variant.Ransom.HydraCrypt.19
Sophos: ML/PE-A + Troj/CrShield-A
Comodo: Malware@#1dulp5zq9h1qp
BitDefenderTheta: Gen:NN.ZexaF.34722.gu0@aiEIOchi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCRYPAURA.SMA
McAfee-GW-Edition: BehavesLike.Win32.Emotet.ch
FireEye: Generic.mg.1abc8513a971e5c0
Emsisoft: Gen:Variant.Ransom.HydraCrypt.19 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDropper.Sysn.dpk
Webroot: Trojan.Dropper.Gen
Avira: HEUR/AGEN.1113618
Kingsoft: Win32.Troj.GenericKD.v.(kcloud)
Microsoft: Ransom:Win32/Shieldcrypt.A
Arcabit: Trojan.Ransom.HydraCrypt.19
AegisLab: Trojan.Win32.Sysn.b!c
GData: Gen:Variant.Ransom.HydraCrypt.19
AhnLab-V3: Win-Trojan/CryptoShield.Gen
McAfee: Trojan-FLDE!1ABC8513A971
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Downloader
Malwarebytes: Malware.AI.730912879
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_HPCRYPAURA.SMA
Rising: Trojan.Generic@ML.100 (RDML:vAfsbWV+l+pePqQ0kYvpOw)
Yandex: Trojan.GenAsa!n11U9exWX/I
Ikarus: Trojan-Ransom.HydraCrypt
Fortinet: W32/Kryptik.FNYO!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml

How to remove Malware.AI.730912879?

Malware.AI.730912879 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
