Should I remove “Malware.AI.1394507813”?

The Malware.AI.1394507813 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1394507813 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.1394507813?


File Info:
name: 9E2A76F461DAD11CB50A.mlw
path: /opt/CAPEv2/storage/binaries/29be678f9722ad4971f28eb9881db38102c8b5e487a0e177e4db3ae51f0d690a
crc32: 58313783
md5: 9e2a76f461dad11cb50a87425502f68f
sha1: 0beaebf3f37713361fb6e4feee03c32dbd2b4e78
sha256: 29be678f9722ad4971f28eb9881db38102c8b5e487a0e177e4db3ae51f0d690a
sha512: 99a6ec511606cd39989e7d7750706605ee99ac8319a85ac64ebd8fb51ca06dbbd0336562243c64cd74da828ff94c7ba78ef4c470dfaa9a2899c44de3a406f5c1
ssdeep: 98304:0/Q53iBmOsnFDf8cxEC2jN/IlG4QtsMmJlRbm:H5fPycj9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B5C66D2FEB4156F3C2C9DDF0073A1AF495502AFB4CE0927754A5FB25B9E828D4123E1A
sha3_384: 8ab1f6fc40129927c2f54acaea5810351253e65188a54667da50c02c47a8e2dc926c322d19f39873c5d3df21070ba7fa
ep_bytes: 558bec6aff68e08df2006804ba510064
timestamp: 2021-01-27 00:56:37

Version Info:
0: [No Data]

Malware.AI.1394507813 also known as:

Lionic	Trojan.Win32.Generic.lIa2
tehtris	Generic.Malware
FireEye	Generic.mg.9e2a76f461dad11c
McAfee	Artemis!9E2A76F461DA
Malwarebytes	Malware.AI.1394507813
Sangfor	Trojan.Win32.Agent.Vm3f
CrowdStrike	win/malicious_confidence_60% (D)
K7GW	Trojan ( 005246d51 )
K7AntiVirus	Trojan ( 005246d51 )
BitDefenderTheta	Gen:NN.ZexaF.36250.@tW@aysUAllH
Cyren	W32/Trojan.CLL.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Cynet	Malicious (score: 100)
Avast	Win32:TrojanX-gen [Trj]
Rising	Trojan.Generic@AI.98 (RDML:zk20KrO5kX6IRhNUVF7cQA)
McAfee-GW-Edition	BehavesLike.Win32.Generic.wm
Trapmine	malicious.moderate.ml.score
Sophos	Generic Reputation PUA (PUA)
SentinelOne	Static AI – Suspicious PE
Antiy-AVL	Trojan/Win32.FlyStudio.a
Xcitium	TrojWare.Win32.Agent.OSCF@5rs7jr
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Win32.Trojan.PSE.1TYMTF4
Google	Detected
VBA32	BScope.Trojan.Casur
Cylance	unsafe
Fortinet	W32/CoinMiner.PHP!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Malware.AI.1394507813?

Malware.AI.1394507813 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X