
Malware.AI.955709779 malicious file

Malware Removal

Malware.AI.955709779 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What Malware.AI.955709779 virus can do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.955709779?

File Info:

name: 2949BBF8D0C508B127DF.mlw
path: /opt/CAPEv2/storage/binaries/fca5d366f31c29f9733f19049de89730acaed010ccdebe6b74bee8258ec63b82
crc32: 5BAF382A
md5: 2949bbf8d0c508b127df50b9ca0f1f9f
sha1: 8bc9673ad73186a8cc64628d70ade6047cbdbd5b
sha256: fca5d366f31c29f9733f19049de89730acaed010ccdebe6b74bee8258ec63b82
sha512: bc62d2af1ac1c490dec15cda52a2929b0e397db1b27d3fc319844ab700799f651d10b186309015838529f8ad2619d4e60784c685106e159677cef384d88bc70e
ssdeep: 98304:JgJm/gVZ9u2jogMUIhn6Pk+NPZS64lMvWjqEa/wD3LwGrYV:alZ3ogXM6X7EF3LwGrI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13A069D31BA45C877D2A32531892DA76E6169E6311B3409C3B3DC1E3D2FB11C3593AA6F
sha3_384: 19eb9fe2c90362297f9ee0823d9750d6f9921f2729596248b0a6e53406ce7733dbbd4920dd646cc564cf66e8bf1190e7
ep_bytes: e860010100e989feffff8bff558bec51
timestamp: 2020-05-25 02:01:25

Version Info:

CompanyName: StarEditor
FileDescription: StarEditor
FileVersion: 1.2.2.1
InternalName: StarEditor.exe
LegalCopyright: Copyright (C) 2020
OriginalFilename: StarEditor.exe
ProductName: StarEditor
ProductVersion: 1.2.2.1
Translation: 0x0804 0x04b0

Malware.AI.955709779 also known as:

  • Lionic: Trojan.Win32.Chindo.4!c
  • MicroWorld-eScan: Adware.Generic.3118913
  • FireEye: Adware.Generic.3118913
  • Skyhigh: Artemis!Trojan
  • ALYac: Adware.Generic.3118913
  • Cylance: unsafe
  • Zillya: Downloader.Chindo.Win32.2500
  • Sangfor: Adware.Win32.Chindo.Vq8e
  • K7AntiVirus: Trojan-Downloader ( 00561bad1 )
  • Alibaba: TrojanDownloader:Win32/Chindo.889c9584
  • K7GW: Trojan-Downloader ( 00561bad1 )
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/TrojanDownloader.Chindo.AG
  • ClamAV: Win.Malware.Ursu-8837603-0
  • Kaspersky: Trojan-Downloader.Win32.Chindo.dll
  • BitDefender: Adware.Generic.3118913
  • NANO-Antivirus: Trojan.Win32.Chindo.jxrmog
  • Avast: Win32:AdwareX-gen [Adw]
  • Tencent: Malware.Win32.Gencirc.115b8ab6
  • Sophos: Mal/Generic-S
  • F-Secure: Trojan.TR/Dldr.Chindo.mlupn
  • DrWeb: Adware.Softcnapp.161
  • VIPRE: Adware.Generic.3118913
  • TrendMicro: TROJ_GEN.R002C0XHE23
  • Emsisoft: Adware.Generic.3118913 (B)
  • GData: Adware.Generic.3118913
  • Google: Detected
  • Avira: TR/Dldr.Chindo.mlupn
  • Varist: W32/ABRisk.BYYR-8759
  • Kingsoft: malware.kb.a.796
  • Arcabit: Adware.Generic.D2F9741
  • ZoneAlarm: Trojan-Downloader.Win32.Chindo.dll
  • Microsoft: Program:Win32/Wacapew.C!ml
  • AhnLab-V3: Trojan/Win.Chindo.R483799
  • McAfee: Artemis!2949BBF8D0C5
  • MAX: malware (ai score=62)
  • VBA32: BScope.TrojanDownloader.Chindo
  • Malwarebytes: Malware.AI.955709779
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: TROJ_GEN.R002C0XHE23
  • Rising: Adware.Agent!1.C65E (CLASSIC)
  • MaxSecure: Trojan.Malware.73843956.susgen
  • Fortinet: Riskware/Chindo
  • AVG: Win32:AdwareX-gen [Adw]
  • DeepInstinct: MALICIOUS

How to remove Malware.AI.955709779?

Malware.AI.955709779 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
