Malware.AI.1963292161 (file analysis)

The Malware.AI.1963292161 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1963292161 virus can do?

Authenticode signature is invalid
Binary file triggered YARA rule

How to determine Malware.AI.1963292161?


File Info:
name: C7E182864FD157C7B135.mlw
path: /opt/CAPEv2/storage/binaries/5c00b96ad12918785857e3a0beddc564d48ce63ab74a691a565fac9bed25bd6d
crc32: 2EA3823E
md5: c7e182864fd157c7b135673b2b3ed3ee
sha1: 5aa58c57ea4114e288727ae1f68e9bf129abc1d4
sha256: 5c00b96ad12918785857e3a0beddc564d48ce63ab74a691a565fac9bed25bd6d
sha512: 9b9dd2bbad0fc5f06b1253f73b6811a069d8c5936c1ec6c53787f956124434c407e9e693eddc623890e61b45aae35b1f07da1b062f4179af807e27abe8b4e54a
ssdeep: 768:0YIz6ZdKgFjsdZoUJBXBfv1akkgRvkBE:0YlKgFjsdNdBFkgRz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16C53E7257A88C41ED6AF4E786CE1D2F90272FE629D02DA573DC43F4F38B27048D11666
sha3_384: 4e77557762722f3a606d2f780a2f4ade1d3906cea9036ad444f310a3caed8f450e8c0beb53ff971fe8a59aa8a84493ba
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-04-22 11:04:29

Version Info:
Translation: 0x0000 0x04b0
FileDescription: ActivateWindows
FileVersion: 2.0.0.1
InternalName: ActivateWindows.exe
LegalCopyright: Microsoft
OriginalFilename: ActivateWindows.exe
ProductName: ActivateWindows
ProductVersion: 2.0.0.1
Assembly Version: 2.0.0.1

Malware.AI.1963292161 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
Skyhigh	RDN/Generic.dx
McAfee	RDN/Generic.dx
Malwarebytes	Malware.AI.1963292161
Sangfor	Trojan.Win32.Agent.Vrdd
APEX	Malicious
SentinelOne	Static AI – Suspicious PE
Webroot	W32.Malware.Gen
Google	Detected
Varist	W32/MSIL_Agent.IM.gen!Eldorado
Antiy-AVL	Trojan/Win32.Agent
BitDefenderTheta	Gen:NN.ZemsilCO.36804.dm0@aqZuv@
TrendMicro-HouseCall	TROJ_GEN.R002H06J623
MaxSecure	Trojan.Malware.74461695.susgen
Fortinet	PossibleThreat
DeepInstinct	MALICIOUS
alibabacloud	Trojan[downloader]:MSIL/Powershell

How to remove Malware.AI.1963292161?

Malware.AI.1963292161 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X