How to remove “Malware.AI.1235406161”?

Many security experts consider Malware.AI.1235406161 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1235406161 virus do?

  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.1235406161?

File Info:

name: 79D15B6C5FE2FE87DC05.mlw
path: /opt/CAPEv2/storage/binaries/e4c382b5290f3407b4f240bb9c0efd0402e91a321ad30a1b8e82c02c715094cc
crc32: E4CACDE0
md5: 79d15b6c5fe2fe87dc053f0b7d907466
sha1: e2938293590d3a78fa1cf5338f7ccda193829d95
sha256: e4c382b5290f3407b4f240bb9c0efd0402e91a321ad30a1b8e82c02c715094cc
sha512: 6174231035b27635b0b9aa811f641ec5f8713b0529590fd7b187cbfa32a0c739f7fc9cb87526bea943e50b41b8a32f63033c96ab4ae49a63ee112754066bca95
ssdeep: 6144:uV+krJSj4fozHsDJhRtUA7c50M5izh97qFhijvbblVJU:uAklpoMlV5KV5izrqFkblI
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1E8444B12B3E600ACE5B7D57089B652726A73B8211730EBEF0618C5652F33FD19E39726
sha3_384: bc99d4bb5be42dcd7aacceaf629517c9bc4e80106f9c72efb4904513c7c2521cd5363ec21db2feb8267e3f1ea9a446f5
ep_bytes: 4883ec28e88b0300004883c428e992fd
timestamp: 2015-06-25 10:27:37

Version Info:

Platform: NT
LegalTrademarks: Microsoft SQL Server is a registered trademark of Microsoft Corporation.
Comments: SQL
GoldenBits: False
CompanyName: Microsoft Corporation
FileDescription: SQL External minidumper
FileVersion: 2011.0110.9165.1186 ((BI_Office_Stab).150625-0308)
InternalName: SqlDumper
LegalCopyright: Microsoft Corp. All rights reserved.
OriginalFilename: SqlDumper.exe
ProductName: Microsoft SQL Server
ProductVersion: 11.0.9165.1186
Translation: 0x0409 0x04b0

Malware.AI.1235406161 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.47502825
FireEye: Generic.mg.79d15b6c5fe2fe87
ALYac: Trojan.GenericKD.47502825
Cybereason: malicious.3590d3
Baidu: Win32.Trojan.VB.t
Cyren: W64/Pajetbin.N.gen!Eldorado
Paloalto: generic.ml
ClamAV: Win.Worm.Vindor-9886047-0
BitDefender: Trojan.GenericKD.47502825
Avast: Win32:VB-FBX
Ad-Aware: Trojan.GenericKD.47502825
DrWeb: Win32.HLLW.Autoruner.547
TrendMicro: Possible_SMDITERTAG
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Trojan.GenericKD.47502825 (B)
Ikarus: Virus.Win32.Fakefire
GData: Trojan.GenericKD.47502825
MAX: malware (ai score=81)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!79D15B6C5FE2
Malwarebytes: Malware.AI.1235406161
TrendMicro-HouseCall: Possible_SMDITERTAG
Rising: Worm.VB!1.DA3E (CLASSIC)
SentinelOne: Static AI – Suspicious PE
Fortinet: W64/Pajetbin.N!tr
AVG: Win32:VB-FBX
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.121218.susgen

How to remove Malware.AI.1235406161?

Malware.AI.1235406161 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
