Malware.AI.919234751 removal tips

Malware.AI.919234751 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.919234751 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • NtSetInformationThread: attempt to hide thread from debugger
  • Dynamic (imported) function loading detected
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Checks for the presence of known windows from debuggers and forensic tools
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • The following process appears to have been packed with Themida: caribivp.exe
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • CAPE detected the DLAgent14 malware family
  • Attempts to identify installed AV products by installation directory
  • Checks the version of the BIOS, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key

Related domains:

wpad.local-net

How to identify Malware.AI.919234751?

File Info:

name: B5F92307904D7FF7B239.mlw
path: /opt/CAPEv2/storage/binaries/a16870457b27dc28fbe98cf395c127b7884366d9cd244583c226a36e76dee72d
crc32: 88D60F21
md5: b5f92307904d7ff7b239d7f3be88cbd0
sha1: e442c3f44b5be7ef7ddb6a00babddbe1e0418238
sha256: a16870457b27dc28fbe98cf395c127b7884366d9cd244583c226a36e76dee72d
sha512: 2ca3bd137362bcbfc0f0b4eb05d1e7908de38134bedcfe1be72c2fa4569ad222c2156ce71be0338416350e34136e50a27573800a592e7620c3360ac54ac0dcf4
ssdeep: 49152:q1ZYroflYi0UQUQzVmPN/FVWkGLzoyEaLzZFMruRFU5AFHZgy7lIJjMe4sMGCrx:qZpljjuVmxFsLzzEQFMr6HGvjfMLx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FFE53352B84D88A3F3AE47F4526C66320916FD273A30C155A79C7EAD627205BC0267FF
sha3_384: 175b428635e36d78503d38155fe680d4eb956c9db67ef096495b492d25f74b61939e2784fa655841246ed00c279efa0a
ep_bytes: 81ecd4020000535556576a2033ed5e89
timestamp: 2012-02-24 19:20:04

Version Info:

FileDescription:
FileVersion: 1.0.0.0
LegalCopyright: bimane
ProductVersion: 1.0.0.0
Translation: 0x0000 0x04b0

Malware.AI.919234751 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38102185
FireEye: Generic.mg.b5f92307904d7ff7
CAT-QuickHeal: Trojan.Multi
McAfee: Artemis!B5F92307904D
Malwarebytes: Malware.AI.919234751
Zillya: Dropper.Scrop.Win32.1411
K7AntiVirus: Trojan ( 00581cd31 )
Alibaba: Trojan:Win32/Sleltasos.c3278bd2
K7GW: Trojan ( 00581cd31 )
Cybereason: malicious.7904d7
BitDefenderTheta: Gen:NN.ZexaF.34062.j@W@a0UQdEdi
Cyren: W32/Kryptik.FHH.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
TrendMicro-HouseCall: TROJ_GEN.R002C0WKN21
Avast: Win32:Trojan-gen
ClamAV: Win.Packed.Filerepmalware-9864117-0
Kaspersky: Trojan.Win32.Sleltasos.bg
BitDefender: Trojan.GenericKD.38102185
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Tencent: Win32.Trojan.Genkryptik.Piab
Ad-Aware: Trojan.GenericKD.38102185
Emsisoft: Trojan.GenericKD.38102185 (B)
Comodo: TrojWare.Win32.Agent.nknnp@0
F-Secure: Trojan.TR/Crypt.XPACK.Gen
TrendMicro: TROJ_GEN.R002C0WKN21
McAfee-GW-Edition: BehavesLike.Win32.AdwareSuLang.wc
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Win32.Trojan.BSE.HLJWVB
Webroot: W32.Trojan.TR.Crypt.XPACK
Avira: HEUR/AGEN.1140896
Antiy-AVL: Trojan/Win32.Kryptik
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Tnega!MSR
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C4786620
VBA32: Trojan.Sleltasos
ALYac: Trojan.GenericKD.38102185
MAX: malware (ai score=88)
APEX: Malicious
Rising: Trojan.Generic@ML.100 (RDML:lzQglWy8mKh+7MCBdfugtA)
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/GenKryptik.FJVW!tr
AVG: Win32:Trojan-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.919234751?

Malware.AI.919234751 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.