Malware.AI.1202681463 malicious file

The Malware.AI.1202681463 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1202681463 virus can do?

Possible date expiration check, exits too soon after checking local time
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.1202681463?


File Info:
name: 62C8B5A4AE4463736F80.mlw
path: /opt/CAPEv2/storage/binaries/fa0e7ee4c0654e9961d8c0aff903b138d75715342f3ad62624297f31cfb04609
crc32: E6354625
md5: 62c8b5a4ae4463736f80ae52bedbd8a1
sha1: cef9889d4cc793f74e6f9a6e652c1818316c1f20
sha256: fa0e7ee4c0654e9961d8c0aff903b138d75715342f3ad62624297f31cfb04609
sha512: 26bdbf9679c14d6988351dca57ab2eb16ab25a022981ce65c04b3ab68618d23646e8586ea8b3bf4b1c33c8399f284d0a78c9e775335c0c67f60c74d95d9b6b20
ssdeep: 24576:TSkrnahAFU+qxMbcceLiCiFihQEdnLiztMXfBeU6SXc7zKlFTRNrT9rjv:O+adYeeMhaURXaOlFDT9r
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FB756C33B384643BC47E263A8573E264993BBB61F55A8D5B27F40858CF258803E3E657
sha3_384: 2594c8923c2acead89001a1fee24ac1b7a157064a383422ceee0aaac2a1f21da75e34ef4f31e011ebcc59178858f6c14
ep_bytes: 558bec83c4f05356b8b4135600e82a9e
timestamp: 2020-11-26 07:16:33

Version Info:
CompanyName: David Plus spol. s r.o.
FileDescription: MerkurIS Updater
FileVersion: 2.1.3.0
InternalName: MerkurIS
OriginalFilename: Updater.exe
ProductName: MerkurIS Updater
ProductVersion: 2.1.3.0
Comments: 
Translation: 0x041b 0x04b0

Malware.AI.1202681463 also known as:

Lionic	Trojan.Win32.Ulise.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.48278262
FireEye	Trojan.GenericKD.48278262
McAfee	GenericRXAA-AA!62C8B5A4AE44
Cylance	Unsafe
Sangfor	Trojan.Win32.Glupteba.ml
K7AntiVirus	Trojan-Downloader ( 005706321 )
K7GW	Trojan-Downloader ( 005706321 )
Cyren	W32/Wacatac.CS.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
BitDefender	Trojan.GenericKD.48278262
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Trojan.GenericKD.48278262
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Dropper.th
Emsisoft	Trojan.GenericKD.48278262 (B)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.GenericKD.48278262
Jiangmin	Packed.Dico.aje
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	Trojan.Generic.D2E0AAF6
Microsoft	Trojan:Win32/Glupteba!ml
AhnLab-V3	Trojan/Win32.Wacatac.R348707
BitDefenderTheta	Gen:NN.ZelphiF.34212.KT0@au4FArli
ALYac	Trojan.GenericKD.48278262
MAX	malware (ai score=84)
Malwarebytes	Malware.AI.1202681463
TrendMicro-HouseCall	TROJ_GEN.R002H0CB622
Rising	Trojan.Ymacco!8.11BE1 (RDMK:cmRtazpBMtfBPf9hOagLmMyYcpdK)
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.110136320.susgen
Fortinet	W32/Agent.EA38!tr
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Malware.AI.1202681463?

Malware.AI.1202681463 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X