About “Malware.AI.12534” infection

The Malware.AI.12534 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.12534 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.12534?


File Info:
name: FB26E9C4A0ED9708626B.mlw
path: /opt/CAPEv2/storage/binaries/9998701d2fcd882f710125718f773a640a4948e915910f07c2acc8d7d27d83e9
crc32: 52A249B9
md5: fb26e9c4a0ed9708626b090613cecb91
sha1: 5b196ea72b20d22e64a4d0d866b10df10768ece0
sha256: 9998701d2fcd882f710125718f773a640a4948e915910f07c2acc8d7d27d83e9
sha512: 11de9c933d7d4d33fc7c838e8beb6397306049d1cc2454666dfe61b4e70dc7a4b9dbb40a9cc237dd722052dfd1f3f97830ac33c311de9113bf2897453794bba6
ssdeep: 49152:q+pfHxTsMa75Wi0vFqzdIVfUPbjJaWWEGn8mY5a+IfuUmMtxF:qsZTpaNWYPj0EG8la+IuFMTF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F3D53397A45710A5D33D8F7A63C2ACD322D14FB4D90F90C92A26F25ECD2B1E85448E5E
sha3_384: 14095325abb83e9a46fd40aabf0ae4f76b99761158fafdd1847369796577c752a9b403e8b85ecbf30c1c13d2ae526fba
ep_bytes: 60be004042008dbe00d0fdff5783cdff
timestamp: 2005-05-30 09:47:19

Version Info:
Comments: 
CompanyName: Igor Pavlov
FileDescription: 7z SFX
FileVersion: 4, 20, 0, 0
InternalName: 7zWin.sfx
LegalCopyright: Copyright (C) 1999-2005 Igor Pavlov
LegalTrademarks: 
OriginalFilename: 7zWin.sfx
PrivateBuild: 
ProductName: 7-Zip
ProductVersion: 4, 20, 0, 0
SpecialBuild: 
Translation: 0x0409 0x04b0

Malware.AI.12534 also known as:

Bkav	W32.Common.E8838A46
Lionic	Trojan.Win32.Silentium.3!c
Skyhigh	BehavesLike.Win32.Autorun.vc
McAfee	Artemis!FB26E9C4A0ED
Malwarebytes	Malware.AI.12534
Sangfor	Exploit.Win32.Silentium.V20d
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	Exploit:Win32/Silentium.da08241f
K7GW	Riskware ( 0040eff71 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.FURERRN
ClamAV	Win.Trojan.Packed-9
Kaspersky	Exploit.Win32.Silentium.r
NANO-Antivirus	Exploit.Win32.Silentium.ezibsq
F-Secure	Backdoor.BDS/Siggen.2783179
DrWeb	BackDoor.Siggen.47350
Sophos	Mal/Generic-R
Ikarus	Trojan-Dropper.Win32.VB
Jiangmin	Exploit.Silentium.g
Webroot	W32.Gen.BT
Avira	BDS/Siggen.2783179
MAX	malware (ai score=100)
Kingsoft	Win32.Exploit.Silentium.r
Microsoft	Trojan:Win32/Wacatac.A!ml
Xcitium	Malware@#3aljv4ctae6ap
ZoneAlarm	Exploit.Win32.Silentium.r
Google	Detected
VBA32	Exploit.Silentium
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CCD24
Tencent	Win32.Exploit.Silentium.Jkjl
Yandex	Trojan.GenAsa!GbywpyBZjTg
SentinelOne	Static AI – Malicious SFX
Fortinet	W32/Silentium.R!exploit
alibabacloud	Exploit:Win/Silentium.r

How to remove Malware.AI.12534?

Malware.AI.12534 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X