Should I remove “Malware.AI.1399114461”?

The Malware.AI.1399114461 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1399114461 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.1399114461?


File Info:
name: E9FF3906C2C96526D81A.mlw
path: /opt/CAPEv2/storage/binaries/d7f6ef8cc262339d2d33a6aa4ad3a49092df5bcbf5af794a79ca0ebfc40712b5
crc32: 0420E25A
md5: e9ff3906c2c96526d81a74474cd6a579
sha1: f2f7fb07fdb0bb3789f9822611e53195d50956f2
sha256: d7f6ef8cc262339d2d33a6aa4ad3a49092df5bcbf5af794a79ca0ebfc40712b5
sha512: 79c7a00005d876f0bbfef561ccb0c43cac50010057a063ee275a4154d5c944a0ca5bcfab56375d26569f79c3838cfe643022cd0c6561b82cf87286dc6f60948b
ssdeep: 384:MiEhnrD0HqShjv/aNJawcudoD7UVXe/+Me/Je/tfF1Y/C:MprwHNjvCnbcuyD7UVuQI5no
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10F132915F7676199EB08D5BFC966C21A10207F29DAB385ABB68C3E7F3D352401D39312
sha3_384: 3aa42badc22f0407ebecf072f708c450e4028d91f5f74bc436d54c712329547bc579ab86c442c48e059258fcf1428318
ep_bytes: 60be004042008dbe00d0fdff5789e58d
timestamp: 2006-11-27 09:24:01

Version Info:
Translation: 0x0409 0x04b0
CompanyName: Oncom
ProductName: xk
FileVersion: 0.00.0020
ProductVersion: 0.00.0020
InternalName: DATA
OriginalFilename: DATA.exe

Malware.AI.1399114461 also known as:

tehtris	Generic.Malware
MicroWorld-eScan	Gen:Trojan.Heur.cm0@!3J3Hini
McAfee	GenericRXAA-AA!E9FF3906C2C9
Cylance	Unsafe
VIPRE	Gen:Trojan.Heur.cm0@!3J3Hini
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005726d21 )
K7GW	Trojan ( 005726d21 )
Cybereason	malicious.6c2c96
Cyren	W32/Ludbaruma.A.gen!Eldorado
Elastic	malicious (moderate confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	UDS:Trojan.Win32.Hesv
BitDefender	Gen:Trojan.Heur.cm0@!3J3Hini
Avast	Win32:Evo-gen [Trj]
Ad-Aware	Gen:Trojan.Heur.cm0@!3J3Hini
Emsisoft	Gen:Trojan.Heur.cm0@!3J3Hini (B)
Comodo	Packed.Win32.MUPX.Gen@24tbus
McAfee-GW-Edition	BehavesLike.Win32.Rontokbro.pz
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.e9ff3906c2c96526
Sophos	ML/PE-A
SentinelOne	Static AI – Suspicious PE
GData	Gen:Trojan.Heur.cm0@!3J3Hini
Avira	TR/Crypt.ULPM.Gen
MAX	malware (ai score=85)
Arcabit	Trojan.Heur.E11EC1
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Backdoor/Win32.IRCBot.R1456
BitDefenderTheta	AI:Packer.AB47D6F71C
ALYac	Gen:Trojan.Heur.cm0@!3J3Hini
Malwarebytes	Malware.AI.1399114461
Rising	Worm.VBInjectEx!1.99E6 (CLASSIC)
Ikarus	Trojan.Win32.Patched
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Nilage.5B64!tr
AVG	Win32:Evo-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.1399114461?

Malware.AI.1399114461 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X