About “Malware.AI.3150256572” infection

Malware.AI.3150256572 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3150256572 virus do?

  • A file was accessed within the Public folder.
  • Uses Windows utilities for basic functionality
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Compiles .NET code into an executable and executes it
  • Deletes executed files from disk
  • Uses csc.exe C# compiler to build and execute code
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3150256572?


File Info:

name: F2B251E6AAEF0D37C5AF.mlw
path: /opt/CAPEv2/storage/binaries/b486d7cb6a2602e78458d3a6d023a5ed2357e31958e246e5f1b0a93aa0e02295
crc32: 9C72DF49
md5: f2b251e6aaef0d37c5af2d84a8c95a50
sha1: e3b31b4a4a3e06fa175fce13718b7cfc6c4a1628
sha256: b486d7cb6a2602e78458d3a6d023a5ed2357e31958e246e5f1b0a93aa0e02295
sha512: 506579a7986a8232ec2a665bf742938f33f3f79c18947f4b8a53a64685f0eec0a6d13c16bb413e46fda4d836129f1d9c7fe5b2970637119af1ce88e340b14e0a
ssdeep: 12288:VooZGTB9C9r0KdqqE4n55yp0Hujg1EqMTmQP7ZjOYn6xph+K4n5zLe8oUlJoWrid:
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C0B43AB532DDEA5AE5F22E70EB9417620E8FBA651D7904C46D390B81D0A7CD3DCB013A
sha3_384: 55909623d3d5c49babecf9ad88d1ac0a6be7c017e428b0dd1cdcad93e1f63e272e7f5c759cc2a8ace8e9411b90d0887d
ep_bytes: ff250020400000000000000000000000
timestamp: 2019-04-11 01:32:16

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: x1214y.exe
LegalCopyright:
OriginalFilename: x1214y.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.3150256572 also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Virus.MSIL.Lamer.n!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.94670
FireEye: Generic.mg.f2b251e6aaef0d37
CAT-QuickHeal: W32.Lamer.M3
Skyhigh: BehavesLike.Win32.Generic.gz
McAfee: GenericRXAO-XB!F2B251E6AAEF
Malwarebytes: Malware.AI.3150256572
VIPRE: Trojan.GenericKDZ.94670
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00544e311 )
Alibaba: Virus:MSIL/CryptInject.52da4f68
K7GW: Trojan ( 00544e311 )
Cybereason: malicious.a4a3e0
Arcabit: Trojan.Generic.D171CE
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Ribaj.D
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Barys-7725442-0
Kaspersky: HEUR:Virus.MSIL.Lamer.gen
BitDefender: Trojan.GenericKDZ.94670
NANO-Antivirus: Trojan.Win32.Kazy.elhoip
Avast: Win32:MalwareX-gen [Trj]
Tencent: Msil.Virus.Ribaj.Cplw
TACHYON: Worm/W32.MSILamer
Sophos: MSIL/Ribaj-A
F-Secure: Trojan.TR/Dropper.MSIL.Gen
DrWeb: MSIL.Cola.1
Zillya: Trojan.RibajGen.Win32.1
TrendMicro: Virus.MSIL.RIBAJ.SMW.orig
Trapmine: suspicious.low.ml.score
Emsisoft: Trojan.GenericKDZ.94670 (B)
Ikarus: Virus.MSIL.CryptInject
Jiangmin: Virus.MSIL.Lamer.a
Varist: W32/MSIL_Ribaj.B.gen!Eldorado
Avira: TR/Dropper.MSIL.Gen
Antiy-AVL: Trojan/MSIL.Ribaj.a
Kingsoft: malware.kb.c.1000
Xcitium: Virus.MSIL.Ribaj.F@7oybry
Microsoft: Trojan:Win32/CoinMiner!pz
ZoneAlarm: HEUR:Virus.MSIL.Lamer.gen
GData: MSIL.Virus.Ribaj.B
Google: Detected
AhnLab-V3: Trojan/Win32.Inject.R254112
BitDefenderTheta: Gen:NN.ZemsilF.36744.Em0@ayOcQoe
MAX: malware (ai score=84)
VBA32: Virus.MSIL.Lamer.1
Cylance: unsafe
TrendMicro-HouseCall: Virus.MSIL.RIBAJ.SMW.orig
Rising: Trojan.Ribaj!1.B577 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.GenericKDZ.51306
Fortinet: MSIL/Ribaj.D
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3150256572?

Malware.AI.3150256572 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
