Malware.AI.154695044 (file analysis)

The Malware.AI.154695044 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.154695044 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.154695044?


File Info:
name: 19DDE35C93ABFD98FFF0.mlw
path: /opt/CAPEv2/storage/binaries/42c03a60901a3285ec31a94403ebec3e0b4f63b530e7580bb1f3ea0a87e09516
crc32: 74390242
md5: 19dde35c93abfd98fff0d34888d9dfef
sha1: 3d90e2b108ea4e7c73412acb46f8fff227dfbaa1
sha256: 42c03a60901a3285ec31a94403ebec3e0b4f63b530e7580bb1f3ea0a87e09516
sha512: 8ad6fc95f57dd61468850ef4fbaa59c48c64f563a2256f83c38e7d4616dfed526fa25397ed486d36c6e497cd4e7b21211cdbdf6db51f8da0aecfbef92f47ad60
ssdeep: 384:wtylDtI9ZLKX+Qq7WByQAZLIsJeSHg8lHZkWbsEA/ghu0+ar91+VqSf8DDp7vks5:+gVzZ6ZkfXFmnCI9W79VxrYF88C
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T156032D46B6E408DEC2BC48F3086171F664317965BDA3C1567A33222A5832F62174EFBF
sha3_384: 5f3f726d11f87a180113c14535ad1a7f4068599cf90e899fcaa8fe7993edbf55876d28b8ba04c2febb4b1a0712203037
ep_bytes: 60be00b041008dbe0060feff5783cdff
timestamp: 2011-05-21 00:11:49

Version Info:
Translation: 0x0409 0x04b0
CompanyName: Microsoft
ProductName: sdfsdf
FileVersion: 1.00
ProductVersion: 1.00
InternalName: lolololol
OriginalFilename: lolololol.exe

Malware.AI.154695044 also known as:

Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Trojan.Heur.cm0@!NDReRfi
FireEye	Generic.mg.19dde35c93abfd98
ALYac	Gen:Trojan.Heur.cm0@!NDReRfi
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.c93abf
BitDefenderTheta	AI:Packer.0A1FAF0B1C
Symantec	W32.Changeup
tehtris	Generic.Malware
ClamAV	Win.Trojan.Generic-9959068-0
BitDefender	Gen:Trojan.Heur.cm0@!NDReRfi
Cynet	Malicious (score: 100)
SUPERAntiSpyware	Trojan.Agent/Gen-Falofn[Cont]
Avast	Win32:Malware-gen
Ad-Aware	Gen:Trojan.Heur.cm0@!NDReRfi
Comodo	Packed.Win32.MUPX.Gen@24tbus
VIPRE	Gen:Trojan.Heur.cm0@!NDReRfi
McAfee-GW-Edition	BehavesLike.Win32.Fake.nt
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Trojan.Heur.cm0@!NDReRfi (B)
APEX	Malicious
GData	Gen:Trojan.Heur.cm0@!NDReRfi
Avira	TR/Crypt.ULPM.Gen
MAX	malware (ai score=84)
Antiy-AVL	Trojan/Win32.Wacatac
Arcabit	Trojan.Heur.ED25E9A
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Worm/Win32.VBNA.R7899
Acronis	suspicious
McAfee	Artemis!19DDE35C93AB
Malwarebytes	Malware.AI.154695044
Ikarus	Trojan.Crypt
SentinelOne	Static AI – Malicious PE
Fortinet	W32/ULPM.2C75!tr
AVG	Win32:Malware-gen

How to remove Malware.AI.154695044?

Malware.AI.154695044 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X