
What is “Malware.AI.172133157”?


Malware.AI.172133157 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What Malware.AI.172133157 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • The sample wrote data to the system hosts file.

How to identify Malware.AI.172133157?

File Info:

name: 8379750CCD531373E75E.mlw
path: /opt/CAPEv2/storage/binaries/ccdfa8ddf5b8563b7219328713bdd2997cd8e05bc6b317a6484b16960766c205
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-23 13:52:06

Version Info:

FileVersion: 1.0.0.0
FileDescription: SETUP 基础类驱动应用程序
ProductName: 应用程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 智多星
Translation: 0x0804 0x04b0

Malware.AI.172133157 also known as:

  • Lionic: Trojan.Win32.Generic.4!c
  • tehtris: Generic.Malware
  • FireEye: Generic.mg.8379750ccd531373
  • Cylance: Unsafe
  • Sangfor: Trojan.Win32.Agent.Vcvj
  • Cybereason: malicious.11f396
  • BitDefenderTheta: Gen:NN.ZexaF.34682.uy0baWNy2Tib
  • Cyren: W32/OnlineGames.HI.gen!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
  • Paloalto: generic.ml
  • NANO-Antivirus: Trojan.Win32.Wsgame.jpaggb
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
  • Trapmine: malicious.high.ml.score
  • Sophos: Generic ML PUA (PUA)
  • SentinelOne: Static AI – Malicious PE
  • GData: Win32.Trojan.PSE.11UD6H7
  • Google: Detected
  • Antiy-AVL: Trojan/Generic.ASCommon.FA
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Malware/Win.Generic.C4974940
  • Malwarebytes: Malware.AI.172133157
  • APEX: Malicious
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: Riskware/Application

How to remove Malware.AI.172133157?

Malware.AI.172133157 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
