Should I remove “Malware.AI.1564300846”?

The Malware.AI.1564300846 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1564300846 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Unusual version info supplied for binary

How to determine Malware.AI.1564300846?


File Info:
name: 63B1EAFAFF94FDE3E27A.mlw
path: /opt/CAPEv2/storage/binaries/32ceb78e8691398d03f3490f9ee15b7e0bf793bced2a95c4c12540ecd4f37031
crc32: E539C473
md5: 63b1eafaff94fde3e27afa4fe2e8ec68
sha1: 0817e083756f9ecbc55ac0433f8b6e7aa2c3de81
sha256: 32ceb78e8691398d03f3490f9ee15b7e0bf793bced2a95c4c12540ecd4f37031
sha512: ab25f482794aadc3c2365ced3f6565f476773deaeca73356750d0f358f104e22547e8eb750bf741d254c39fd7121b61dd9c384221c049149c3356c2879c6ca5e
ssdeep: 12288:u5qq6T1DEUYm6uFsTSg+anBP6T1DEUYm6uFsTSg+agBPlqV0VR8XHl:u5SNF6dT+anp6NF6dT+agpYV0VCHl
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D8558C13521C9522C1D83EB7701652392BAB9E314ACD8147E5B83CBF293D68BFD90D6E
sha3_384: d740af5914fbf329871f97d2f22e5fc008bb028c18c6c17bc40a149791e41e5e2b3f9a9cc6e13d52fbef8a997adddf7d
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-05-22 17:43:26

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 
FileVersion: 9.9.9.9
InternalName: HowToDoYouLoveMe.exe
LegalCopyright: Copyright © Microsoft 2021
LegalTrademarks: 
OriginalFilename: HowToDoYouLoveMe.exe
ProductName: 
ProductVersion: 9.9.9.9
Assembly Version: 1.6.0.0

Malware.AI.1564300846 also known as:

Lionic	Trojan.Win32.Heracles.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.KillProc2.10306
MicroWorld-eScan	Gen:Variant.MSILHeracles.19184
FireEye	Generic.mg.63b1eafaff94fde3
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
McAfee	Artemis!63B1EAFAFF94
Cylance	Unsafe
Zillya	Trojan.DllInject.Win32.15099
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Unwanted-Program ( 004be5fa1 )
K7GW	Unwanted-Program ( 004be5fa1 )
Cybereason	malicious.aff94f
BitDefenderTheta	Gen:NN.ZemsilF.34182.sn0@aKW7RSc
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/DllInject.CW potentially unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0RLF21
Paloalto	generic.ml
BitDefender	Gen:Variant.MSILHeracles.19184
NANO-Antivirus	Trojan.Win32.KillProc2.jjioit
Avast	Win32:MiscX-gen [PUP]
Emsisoft	Gen:Variant.MSILHeracles.19184 (B)
TrendMicro	TROJ_GEN.R002C0RLF21
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S + Mal/MSIL-AX
Ikarus	Trojan-Ransom.ShellLocker
Avira	TR/Redcap.tovxe
MAX	malware (ai score=85)
Microsoft	Trojan:Win32/Wacatac.B!ml
ViRobot	Trojan.Win32.Z.Wacapew.1350144
GData	Gen:Variant.MSILHeracles.19184
AhnLab-V3	Malware/Win.Generic.C4433155
VBA32	Trojan.KillProc
ALYac	Gen:Variant.MSILHeracles.19184
Malwarebytes	Malware.AI.1564300846
APEX	Malicious
Rising	Trojan.Generic/MSIL@AI.98 (RDM.MSIL:qILm7o/V62G/9E+uoev/Gw)
SentinelOne	Static AI – Malicious PE
Fortinet	Adware/DllInject
AVG	Win32:MiscX-gen [PUP]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.1564300846?

Malware.AI.1564300846 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X