What is “Malware.AI.121299887”?

The Malware.AI.121299887 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.121299887 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.121299887?


File Info:
name: AA104DE67A7F4271E6A3.mlw
path: /opt/CAPEv2/storage/binaries/596b2a6921ac6f4e8fae301aad147efff273d5778fa010b2bcb73cb9fe4f7afe
crc32: CE047D01
md5: aa104de67a7f4271e6a31057c3c4bc68
sha1: c7cac760b5f56b8e9e072dd525685365dae1dc45
sha256: 596b2a6921ac6f4e8fae301aad147efff273d5778fa010b2bcb73cb9fe4f7afe
sha512: f4e1e3e3863c6428d09ab3ed5ffc4940b0e563f707b327bde3d18d53163d79a85e30be9201c4156218eeb1fcf97eacd3209d3ab6f7e6e01304154efa8bb391ff
ssdeep: 6144:C1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1ba1b:YbAbAbAbAbAbAbAbAbAbAbAbAbAb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DF65AC2529FB509DF3A39FB11FC8B8FF896AE673290A71F6214107064722D44CD52B39
sha3_384: 985f48c8b213c52e25bbdfec7be76385099be66815ab4df6fdf655ea7d486b7c06ca3a247502a47509667e073747b184
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-04-03 06:46:39

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Windows
FileVersion: 1.0.0.0
InternalName: Windows.exe
LegalCopyright: Copyright ©  2018
LegalTrademarks: 
OriginalFilename: Windows.exe
ProductName: Windows
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.121299887 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:MSIL.Heur2.Lagos.2
FireEye	Generic.mg.aa104de67a7f4271
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.67a7f4
BitDefenderTheta	Gen:NN.ZemsilF.34084.Bn3@aqw0wP
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.BEW
APEX	Malicious
Kaspersky	HEUR:Trojan.MSIL.Generic
BitDefender	Gen:MSIL.Heur2.Lagos.2
NANO-Antivirus	Trojan.Win32.Crypt.ezlwto
Avast	Win32:Malware-gen
Ad-Aware	Gen:MSIL.Heur2.Lagos.2
Sophos	ML/PE-A
DrWeb	Trojan.DownLoader22.27479
Emsisoft	Gen:MSIL.Heur2.Lagos.2 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:MSIL.Heur2.Lagos.2
eGambit	Unsafe.AI_Score_96%
Avira	TR/Dropper.MSIL.Gen
Antiy-AVL	Trojan/Generic.ASMalwS.253BFD3
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.RL_Generic.R284752
VBA32	TScope.Trojan.MSIL
ALYac	Gen:MSIL.Heur2.Lagos.2
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.121299887
Yandex	Trojan.Crypt!ealvg47+yKo
Ikarus	Trojan.MSIL.Crypt
MaxSecure	Trojan.Malware.11824818.susgen
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.121299887?

Malware.AI.121299887 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X