MemScan:Application.Hacktool.AIM (file analysis)

MemScan:Application.Hacktool.AIM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MemScan:Application.Hacktool.AIM virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid

How to identify MemScan:Application.Hacktool.AIM?


File Info:

name: 80C8B8031B1C94DFE5E5.mlw
path: /opt/CAPEv2/storage/binaries/e1a740a9cf387e64e00e2354cd971e76c1f1cc1c8fedb48cef3ed9e545fbad71
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-06-07 01:05:58

Version Info:

Translation: 0x0809 0x04b0

MemScan:Application.Hacktool.AIM also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!e
MicroWorld-eScan: MemScan:Application.Hacktool.AIM
CAT-QuickHeal: Trojan.GenericPMF.S3075445
ALYac: MemScan:Application.Hacktool.AIM
Cylance: Unsafe
Sangfor: Trojan.MSIL.Injector.SBJ
K7AntiVirus: Unwanted-Program ( 004d38111 )
K7GW: Unwanted-Program ( 004d38111 )
Cybereason: malicious.31b1c9
Symantec: Trojan.Gen.2
ESET-NOD32: multiple detections
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Script.Generic
BitDefender: MemScan:Application.Hacktool.AIM
NANO-Antivirus: Trojan.Win32.Bladabindi.eptuln
Avast: Win32:Trojan-gen
Rising: Trojan.Occamy!8.F1CD (CLOUD)
Ad-Aware: MemScan:Application.Hacktool.AIM
Sophos: Mal/Generic-S (PUA)
Comodo: Malware@#1hyestxcl3zhp
DrWeb: BackDoor.Bladabindi.13678
TrendMicro: TROJ_GEN.R002C0OGB21
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.dh
FireEye: MemScan:Application.Hacktool.AIM
Emsisoft: MemScan:Application.Hacktool.AIM (B)
GData: MemScan:Application.Hacktool.AIM
Webroot: W32.Trojan.Gen
Avira: TR/AD.Bladabindi.mporq
MAX: malware (ai score=77)
Microsoft: Backdoor:MSIL/Bladabindi
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Generic.C4024183
McAfee: Artemis!80C8B8031B1C
Malwarebytes: MachineLearning/Anomalous.95%
TrendMicro-HouseCall: TROJ_GEN.R002C0OGB21
Tencent: Win32.Trojan.Generic.Eadk
Ikarus: Trojan.MSIL.Injector
Fortinet: Riskware/Patcher
BitDefenderTheta: AI:Packer.B9BBD06B21
AVG: Win32:Trojan-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove MemScan:Application.Hacktool.AIM?

MemScan:Application.Hacktool.AIM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
