Should I remove “Malware.AI.1721585494”?

The Malware.AI.1721585494 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1721585494 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.1721585494?


File Info:
name: 44044DAB4A1BB30D0F08.mlw
path: /opt/CAPEv2/storage/binaries/6af1eaad22d3d3add698c49688cb6a9ab993a299a1749ca4bafd7c6ecfd5099c
crc32: B7288FAF
md5: 44044dab4a1bb30d0f080234719b564f
sha1: d72b55a88e7599738ded7165b84191b8d25ab128
sha256: 6af1eaad22d3d3add698c49688cb6a9ab993a299a1749ca4bafd7c6ecfd5099c
sha512: 65e9cbc81648420bed0809d552a048076320482f52f2787971a7d6b0e9dca62d9d42d941f3364a5c5a46c3fa6f2ddaea14a6b39bc163ca71055b04a8f834d937
ssdeep: 12288:vXX0AKEPCkfy6AF14EKy+Odk76dGfFG3j9pjXsx931jAAWLxlp:/X0nEKkfy6AVk7CGfI3jrGVVWd
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T13ED48E01AF4DEBCDF84289343BE6AA44ACF1256B6C8C6107F953F90470747C5E61E6AB
sha3_384: 12260e19bdac359e03691f2325e7eac6928cf6e6faf8f4cdca0b487d1b74c5d73e8636d678416c8ca5b885278cde6fde
ep_bytes: 90554889e55648ffce57415441554156
timestamp: 2008-11-08 16:22:40

Version Info:
CompanyName: Microsoft Corporation
FileDescription: SNMP Trap
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: snmptrap.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: snmptrap.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.1721585494 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win64.Expiro.Gen.3
ALYac	Win64.Expiro.Gen.3
Cylance	Unsafe
Zillya	Virus.Expiro.Win64.34
K7AntiVirus	Virus ( 0040f8071 )
K7GW	Virus ( 0040f8071 )
Cybereason	malicious.b4a1bb
Baidu	Win64.Virus.Expiro.r
Cyren	W64/Expiro.D!gen
Symantec	W64.Xpiro.F
ESET-NOD32	Win64/Expiro.AG
APEX	Malicious
Kaspersky	Virus.Win64.Expiro.g
BitDefender	Win64.Expiro.Gen.3
NANO-Antivirus	Virus.Win64.Expiro.dtfhve
Avast	Win32:Expiro-DD
Tencent	Virus.Win64.Expiro.ad
Ad-Aware	Win64.Expiro.Gen.3
Sophos	ML/PE-A + W64/Expiro-S
DrWeb	Win64.Expiro.108
VIPRE	Virus.Win64.Expiro.gen.a (v)
TrendMicro	PE64_EXPIRO.AR
McAfee-GW-Edition	BehavesLike.Win64.Expiro.hc
FireEye	Generic.mg.44044dab4a1bb30d
Emsisoft	Win64.Expiro.Gen.3 (B)
Ikarus	Virus.Win32.Expiro
GData	Win64.Expiro.Gen.3
Avira	W64/Expiro.AF
MAX	malware (ai score=86)
Antiy-AVL	Trojan/Generic.ASVirus.311
Arcabit	Win64.Expiro.Gen.3
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Win64/Expiro2.Gen
Acronis	suspicious
McAfee	W64/Expiro.a
TACHYON	Virus/W64.Expiro.C
Malwarebytes	Malware.AI.1721585494
TrendMicro-HouseCall	PE64_EXPIRO.AR
Rising	Virus.Expiro!1.A140 (CLASSIC)
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W64/Expiro.Q
AVG	Win32:Expiro-DD
Panda	W32/Expiro.gen
CrowdStrike	win/malicious_confidence_100% (D)
MaxSecure	virus.win64.expiro.gen

How to remove Malware.AI.1721585494?

Malware.AI.1721585494 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X