Malware.AI.1389957138 removal

The Malware.AI.1389957138 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1389957138 virus can do?

Authenticode signature is invalid
Binary file triggered YARA rule
Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.1389957138?


File Info:
name: F02C21982F93475F9D0D.mlw
path: /opt/CAPEv2/storage/binaries/c5f91242a8e565421ddf1855f145f93f9d670c1dba395036f4ea127775bd2396
crc32: 7043AC0F
md5: f02c21982f93475f9d0d9264cddb6d25
sha1: 36fd4d1dfc2beefed3af7e94574268147f9f6e69
sha256: c5f91242a8e565421ddf1855f145f93f9d670c1dba395036f4ea127775bd2396
sha512: fcb3a027aafa22cb29b1b07f8aea45e858cedc412acb169470161d7850eba35393ffa54891900fe722c3e775388a56f94b0a36152a1f13598dd270a3af18c46e
ssdeep: 3072:ywcNxMLxlBbSvEDp9fjVK0kz+CEnhh5z:okLxlJ7DXXYF0Z
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T12AE36B1272C080B1E5BF053C4425AB26977FBE71DAB18D87BBD4164E98742C0DE39BA3
sha3_384: c9882f00361b2d18fb40f11c7bc8d3986035995884d6ace6b35ddb07775862fca8ed20a52b62a56647bc43b5225994c8
ep_bytes: 558bec837d0c017505e815440000ff75
timestamp: 2019-12-11 13:06:51

Version Info:
FileDescription: inetc NSIS plug-in
FileVersion: 1.0.5.2
InternalName: inetc.dll
LegalCopyright: Copyright © Takhir Bedertdinov
OriginalFilename: inetc.dll
ProductName: inetc NSIS plug-in
ProductVersion: 1.0.5.2
Translation: 0x0409 0x04b0

Malware.AI.1389957138 also known as:

Lionic	Trojan.Win32.Sorab.4!c
MicroWorld-eScan	Gen:Variant.Application.Sorab.10
FireEye	Gen:Variant.Application.Sorab.10
Skyhigh	BehavesLike.Win32.NetLoader.ch
McAfee	GenericRXQB-WZ!F02C21982F93
Malwarebytes	Malware.AI.1389957138
VIPRE	Gen:Variant.Application.Sorab.10
Sangfor	Trojan.Win32.Ymacco.ABC5
K7AntiVirus	Trojan ( 0055f75f1 )
Alibaba	Trojan:Win32/Generic.72d28f31
K7GW	Trojan ( 0055f75f1 )
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Agent.ABMK
BitDefender	Gen:Variant.Application.Sorab.10
Avast	FileRepMalware [Trj]
Emsisoft	Gen:Variant.Application.Sorab.10 (B)
Zillya	Trojan.Agent.Win32.1320577
Sophos	Mal/Generic-S
MAX	malware (ai score=73)
Google	Detected
Antiy-AVL	Trojan/Win32.Agent
Arcabit	Trojan.Application.Sorab.10
GData	Gen:Variant.Application.Sorab.10
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Application.Sorab.10
Cylance	unsafe
Panda	Trj/GdSda.A
Rising	Trojan.Generic@AI.95 (RDMK:60uG38ctyVFP2mC/7F42pA)
Yandex	Trojan.Agent!Xdn/2CyoxbE
Ikarus	Trojan.Win32.Agent
MaxSecure	Trojan.Malware.101039804.susgen
AVG	FileRepMalware [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Trojan.Win.UnkAgent

How to remove Malware.AI.1389957138?

Malware.AI.1389957138 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X