Malware.AI.1814419750 (file analysis)

Malware Removal

Malware.AI.1814419750 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1814419750 virus do?

  • A file was accessed within the Public folder.
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Harvests credentials from local FTP client softwares

How to identify Malware.AI.1814419750?


File Info:

name: B0690616ECDECEC08D0E.mlw
path: /opt/CAPEv2/storage/binaries/254be4cc28fdfd9af68197b7676271e818fd014c1bc91095d33a629265a41ade
crc32: B707856C
md5: b0690616ecdecec08d0e266751a780ef
sha1: 57c919b84ce04877a0e77a70efe1a779b829fed5
sha256: 254be4cc28fdfd9af68197b7676271e818fd014c1bc91095d33a629265a41ade
sha512: f3e0c0dde90969a084b999129b7e62f1a0502665b6a78458f7b5db001209a4cfeb81115cc85104411cc37ea17257bcf286287af774c40220eca5e6c39b2b1e7a
ssdeep: 49152:I+SX4VEDl0QoXLeJEKLAAmimMAMMMMMMM3MMMMMMMMMjMMMMMMMMMLjl:lUWQHJEKc9im3MMMMMMM3MMMMMMMMMjI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T125C56C017AE6CCA9F2611433D5AA937D9768BF400738CB9B63D1FF1F69F22814936216
sha3_384: f28202a66cd97c137bf72182cd72c4ff580cc9cf3fc8be9d798f49bcb82f4238055be26fa79f820a1a74163baea14edb
ep_bytes: 558bec6aff68201753006878b04c0064
timestamp: 2003-01-24 00:19:24

Version Info:

CompanyName: GlobalSCAPE Texas, LP.
FileDescription: CuteFTP
FileVersion: 51.1.01.23
InternalName: FTP
LegalCopyright: 1995-2003, GlobalSCAPE Texas, LP. All rights reserved.
LegalTrademarks: (R)
OriginalFilename: CUTFTP32.EXE
ProductName: CuteFTP
ProductVersion: 5.0.1.0
Translation: 0x0409 0x04e4

Malware.AI.1814419750 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
FireEye: Generic.mg.b0690616ecdecec0
CAT-QuickHeal: Trojan.Scar
Skyhigh: BehavesLike.Win32.Generic.vm
McAfee: Artemis!B0690616ECDE
Malwarebytes: Malware.AI.1814419750
Sangfor: Trojan.Win32.Agent.Vtgr
VirIT: Trojan.Win32.Fakealert.BWSF
NANO-Antivirus: Trojan.Win32.Fakealert.cxgqof
Rising: Malware.FakeFolder/ICON!1.6AA9 (CLASSIC)
DrWeb: Trojan.Fakealert.32921
Zillya: Trojan.FakeAV.Win32.250189
Ikarus: not-a-virus:NetTool.Win32.ZXProxy
Kingsoft: malware.kb.a.970
Microsoft: Trojan:Win32/ScarletFlash.A
Cynet: Malicious (score: 100)
VBA32: Trojan.FakeAlert
DeepInstinct: MALICIOUS
Cylance: unsafe
Yandex: Trojan.GenAsa!bModj15etXE
SentinelOne: Static AI – Suspicious PE
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.1814419750?

Malware.AI.1814419750 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
