Malware.AI.856259448 removal guide

The Malware.AI.856259448 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.856259448 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.856259448?


File Info:
name: 5530E55517C9710900C5.mlw
path: /opt/CAPEv2/storage/binaries/a16294fad83066e43687ba499b10f49a06b533ecd684991bd55dd21cc3ccdb1e
crc32: A0050EF4
md5: 5530e55517c9710900c5d4397139974c
sha1: 4051b2b07856f1c30105e16384141ed0bb3cac2e
sha256: a16294fad83066e43687ba499b10f49a06b533ecd684991bd55dd21cc3ccdb1e
sha512: 7d82a8aff6695156fc7eda1cdd4ec180768a308b3e42721c3a17896cdb94c2304daff1270ec59be8e4b0dccb2e77e15c021dd3355f2fd34eb85be915bb36b617
ssdeep: 768:SXqCuA7FO2HuP6n02uKwfY8eLLyoJR7hnU2:SXxs2HL03Kwft0LB
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T127F23A237A578072C52142F42975AB73827FF9710B6042C3B7C5A7694E302E27CB2E6B
sha3_384: 9489f147b7850e5107d50ebfe90c3f0a1746d610a06949900cfbc3cd2d284afe4fc209f5c997eee32555213fbaed337b
ep_bytes: e802040000e974feffff558bec8b4508
timestamp: 2021-10-01 18:33:09

Version Info:
0: [No Data]

Malware.AI.856259448 also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.400830
McAfee	RDN/Generic.grp
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Unwanted-Program ( 0055bf7a1 )
BitDefender	Gen:Variant.Zusy.400830
K7GW	Unwanted-Program ( 0055bf7a1 )
Cybereason	malicious.07856f
Cyren	W32/GameHack.BK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GameHack.DTR potentially unsafe
APEX	Malicious
Paloalto	generic.ml
Rising	Malware.Heuristic!ET#85% (RDMK:cmRtazrY3FRN5C9OcNCnvVOMJXu3)
Emsisoft	Gen:Variant.Zusy.400830 (B)
McAfee-GW-Edition	RDN/Generic.grp
FireEye	Generic.mg.5530e55517c97109
Sophos	Mal/Generic-R + Mal/Behav-010
Jiangmin	Trojan.Generic.gwtef
Antiy-AVL	Trojan/Generic.ASMalwS.34BC015
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Zusy.400830
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Generic.R458995
ALYac	Gen:Variant.Zusy.400830
MAX	malware (ai score=85)
VBA32	BScope.Trojan.Pynamer
Malwarebytes	Malware.AI.856259448
TrendMicro-HouseCall	TROJ_GEN.R002H09J221
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Johnnie.DTR!tr
AVG	FileRepMalware
Avast	FileRepMalware
CrowdStrike	win/malicious_confidence_60% (D)

How to remove Malware.AI.856259448?

Malware.AI.856259448 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X