Should I remove “Malware.AI.1624807977”?

The Malware.AI.1624807977 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1624807977 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.1624807977?


File Info:
name: 68E0CE907F71031F141F.mlw
path: /opt/CAPEv2/storage/binaries/f7c311495692bc29dc37a1e57acfe14d76d571f9a825cc26d571770cbae561bc
crc32: CFFD7AC6
md5: 68e0ce907f71031f141ff980dfcdadea
sha1: 3a210803aeba54bda6a18731470cdc6948036a5f
sha256: f7c311495692bc29dc37a1e57acfe14d76d571f9a825cc26d571770cbae561bc
sha512: 86c77baa42986502cba661da10245a9d8010b1a9b3003d5ae8dcf55ca6d1b4b0a76f8c00c3d6b8929af1fc9d612470ee2801ab0061c6683112c167ee1ebb6dd8
ssdeep: 12288:PX7U4CC2mmiq+OiEgzXO7sPWwwaCkdmyR/GoIe7c8fV1rOl61ZC:f7U4hC9zWkwmyNGJe7fA+Z
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T175D47D8AEE124C98DF96A5B44939EFF08C34E81E1566B7789008F1053B54FB6DF7E422
sha3_384: da8b53fdebdb5e7435092abe47b576c4fe1e81d0beb25f928dc91d46ef6a4a86c467bf796ba22c67ec26176d1fad712b
ep_bytes: 90554889e55648ffce57415441554156
timestamp: 2008-11-08 16:22:40

Version Info:
CompanyName: Microsoft Corporation
FileDescription: SNMP Trap
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: snmptrap.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: snmptrap.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.1624807977 also known as:

Elastic	malicious (high confidence)
DrWeb	Win64.Expiro.108
MicroWorld-eScan	Win64.Expiro.Gen.3
FireEye	Generic.mg.68e0ce907f71031f
McAfee	W64/Expiro.a
Malwarebytes	Malware.AI.1624807977
Zillya	Virus.Expiro.Win64.34
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Virus ( 0040f8071 )
K7AntiVirus	Virus ( 0040f8071 )
Cyren	W64/Expiro.D!gen
Symantec	W64.Xpiro.F
ESET-NOD32	Win64/Expiro.AG
TrendMicro-HouseCall	PE64_EXPIRO.AR
ClamAV	Win.Virus.Expiro-7996025-0
Kaspersky	Virus.Win64.Expiro.g
BitDefender	Win64.Expiro.Gen.3
NANO-Antivirus	Virus.Win64.Expiro.dtfhve
Avast	Win32:Expiro-DD
Rising	Virus.Expiro!1.A140 (CLASSIC)
Ad-Aware	Win64.Expiro.Gen.3
Emsisoft	Win64.Expiro.Gen.3 (B)
F-Secure	Malware.W64/Expiro.AF
Baidu	Win64.Virus.Expiro.r
VIPRE	Virus.Win64.Expiro.gen.a (v)
TrendMicro	PE64_EXPIRO.AR
McAfee-GW-Edition	BehavesLike.Win64.Expiro.hc
SentinelOne	Static AI – Suspicious PE
Sophos	ML/PE-A + W64/Expiro-S
Ikarus	Virus.Win32.Expiro
GData	Win64.Expiro.Gen.3
Avira	W64/Expiro.AF
Antiy-AVL	Virus/Win64.Expiro.x
Arcabit	Win64.Expiro.Gen.3
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Win64/Expiro2.Gen
Acronis	suspicious
ALYac	Win64.Expiro.Gen.3
TACHYON	Virus/W64.Expiro.C
Cylance	Unsafe
APEX	Malicious
Tencent	Virus.Win64.Expiro.ad
MAX	malware (ai score=85)
eGambit	Unsafe.AI_Score_79%
Fortinet	W64/Expiro.Q
AVG	Win32:Expiro-DD
Panda	W32/Expiro.gen
MaxSecure	virus.win64.expiro.gen

How to remove Malware.AI.1624807977?

Malware.AI.1624807977 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X