What is “Malware.AI.1526175635”?

The Malware.AI.1526175635 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1526175635 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Deletes executed files from disk

How to determine Malware.AI.1526175635?


File Info:
name: 3A2E68C0406DC91BB2DE.mlw
path: /opt/CAPEv2/storage/binaries/8dbfdbac6d5597091efd0b93f964d6203e648ec9ff0a11cac7aac5f21302af64
crc32: 554600C1
md5: 3a2e68c0406dc91bb2de79026823eec6
sha1: c5669449d76ddd41a4d8f92a4c6f161e2645ef54
sha256: 8dbfdbac6d5597091efd0b93f964d6203e648ec9ff0a11cac7aac5f21302af64
sha512: 8ce7ccc1bdbeaf796740a8bc5bd42d026666365bcd19e3cd98fd79ccc476e715e53f29aceedba81d4f9e896517f7efaae9e325a870585a14d3eb6f7a3b934c1c
ssdeep: 98304:5a7KNfRtWrasJFtEjED+EZltSRcZK78K4eJ:8AcrB+oaEZ+N7lt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T187063323925998F7F9113AB84C42F3996B2D6F212C21C553EEE53989F9293D13C3C6D2
sha3_384: 9775ed9bc86441b28f7226b9389be6a3d8d482c2c686833303f5adf600f5df843ff2711670d9ddea6a513e378e993219
ep_bytes: 558becb9130000006a006a004975f951
timestamp: 1992-06-19 22:22:17

Version Info:
Translation: 0x0000 0x04b0
Comments: Sony DualShock 4 to Microsoft Xinput controller mapper
CompanyName: Ryochan7
FileDescription: DS4Windows
FileVersion: 3.0.18
InternalName: DS4Windows.dll
LegalCopyright: Copyright © Scarlet.Crush Productions 2012, 2013; InhexSTER, HecticSeptic, electrobrains 2013, 2014; Jays2Kings 2013, 2014, 2015, 2016; Ryochan7 2017, 2018, 2019, 2020, 2021
OriginalFilename: DS4Windows.dll
ProductName: DS4Windows
ProductVersion: 3.0.18
Assembly Version: 3.0.18.0

Malware.AI.1526175635 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.EquationDrug.tphT
Skyhigh	BehavesLike.Win32.Backdoor.wc
Cylance	unsafe
Zillya	Trojan.SchoolGirl.Win32.86
Sangfor	Trojan.Win32.Agent.Vr0g
CrowdStrike	win/malicious_confidence_60% (W)
BitDefenderTheta	Gen:NN.ZelphiF.36680.NJ3@a4eUPne
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
APEX	Malicious
Avast	Win32:Malware-gen
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Qhost.it
Webroot	W32.Trojan.Gen
Microsoft	Program:Win32/Wacapew.C!ml
Varist	W32/ABTrojan.VBFP-5961
McAfee	Artemis!3A2E68C0406D
VBA32	BScope.Trojan.Qhost
Malwarebytes	Malware.AI.1526175635
TrendMicro-HouseCall	TROJ_GEN.R002H09A224
Rising	Trojan.Generic@AI.100 (RDML:wt/cxsKwOGRgXDxQYsFF7Q)
Ikarus	PUA.Bundled.Toolbar
MaxSecure	Trojan.Malware.210733185.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.1526175635?

Malware.AI.1526175635 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X