Malware.AI.1970602587 removal instruction

The Malware.AI.1970602587 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1970602587 virus can do?

Performs HTTP requests potentially not found in PCAP.
Authenticode signature is invalid
Attempts to modify proxy settings
Harvests cookies for information gathering
Collects information to fingerprint the system

How to determine Malware.AI.1970602587?


File Info:
name: 04970887E6DCEB987600.mlw
path: /opt/CAPEv2/storage/binaries/8615b806ea84a135fd61b9b69f1aef0dd4761b4698cd3e7d3a2f518f991fd208
crc32: 71859A81
md5: 04970887e6dceb98760088b64f41bf42
sha1: b56d5ab7fd3cb4b89f5ac5852c7c50820256ce1e
sha256: 8615b806ea84a135fd61b9b69f1aef0dd4761b4698cd3e7d3a2f518f991fd208
sha512: 46bcc1a8fee03e6b022173ab88e49ca39db23404a7c2aa3f45cd70297f5c46baa6c947842085a8d9816c7bea0b6e1a4414b17a6d6902a5737d2ab20bf3ef1aaa
ssdeep: 6144:SIgiKxtFbLGxHNJPrcUoSSwu5To9j5nmnaaf9Bg+RhbpUYH:SfFPGJrcUoSSwu5To9jQnao9BrRhb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CD548E297B94A036C75E4039BB05A776CABEBC3138515517FB942A396DF03C2DA3930B
sha3_384: 4bc46eb00f5d63f5fb5df6654adf5cbf03e96c6cb436afa70976618e97b2bc58a9246c1348e1234283b375e7cbfa81af
ep_bytes: e8b4770000e989feffff8bff558bec83
timestamp: 2022-11-23 13:56:24

Version Info:
0: [No Data]

Malware.AI.1970602587 also known as:

Bkav	W32.AIDetect.malware2
DrWeb	Trojan.PWS.Stealer.35026
FireEye	Generic.mg.04970887e6dceb98
Malwarebytes	Malware.AI.1970602587
K7AntiVirus	Password-Stealer ( 00596f801 )
K7GW	Password-Stealer ( 00596f801 )
CrowdStrike	win/grayware_confidence_70% (D)
BitDefenderTheta	Gen:NN.ZexaF.34796.sqW@amP7rM
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/PSW.Agent.ONW
APEX	Malicious
Kaspersky	HEUR:Trojan-Banker.Win32.Bandra.gen
Avast	Win32:PWSX-gen [Trj]
F-Secure	Trojan.TR/AD.GenSteal.lbjri
Trapmine	suspicious.low.ml.score
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan.PSE.1XA9KQR
Google	Detected
ZoneAlarm	HEUR:Trojan-Banker.Win32.Bandra.gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Hpgen.C5205891
VBA32	BScope.Backdoor.CoreBot
Rising	Trojan.Generic@AI.100 (RDML:QGY6zVnCRmkxXsfTjYd+mw)
Ikarus	Trojan-PSW.Agent
Fortinet	W32/Agent.ONW!tr
AVG	Win32:PWSX-gen [Trj]

How to remove Malware.AI.1970602587?

Malware.AI.1970602587 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X