How to remove “Malware.AI.1980129836”?

The Malware.AI.1980129836 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1980129836 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.1980129836?


File Info:
name: 0FE7CF7936BB0743917B.mlw
path: /opt/CAPEv2/storage/binaries/3c35558578caa64b1c70a1d2490d222703c00690ff70b6ec0e4f555e664f3831
crc32: AC14715A
md5: 0fe7cf7936bb0743917b7c2bde2e098f
sha1: 317b9eb92d44ebcac8b02dfefc7e7135b31f36b9
sha256: 3c35558578caa64b1c70a1d2490d222703c00690ff70b6ec0e4f555e664f3831
sha512: ae26bce23b46a35841088153e0716a54973ac49634c3740824dd12d9fd3b070e32f7e2037344da89a19b8e94f91769c0d2efca8906b69df3a658fed46420c722
ssdeep: 3072:c47XCsSiwnQ2Cho7oeIxvvhz0BAarFpRxjwW4LYCU46dtouC2vjR1d8e7zrRvFar:raXkxoy6Rb/tsiRlWt5g
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E9D4B13CD6A40616D3E7C638449A4816E8A2DC47773DE88E52933F0D3B785927CAA3DD
sha3_384: fef77ccf19d7bb760ac9ba2246cbc6740a5d3891d7b3df1f1385b58de633ee6035e91ae75adf87d59a607231c33a72fe
ep_bytes: ff250020400000000000000000000000
timestamp: 2081-10-05 01:58:41

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Leon Reporter v1.0 By iiEnFLaT
FileVersion: 1.0.0.0
InternalName: Leon Reporter v1.0 By iiEnFLaT.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: Leon Reporter v1.0 By iiEnFLaT.exe
ProductName: Leon Reporter v1.0 By iiEnFLaT
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.1980129836 also known as:

Lionic	Trojan.MSIL.Obfuscated.4!c
MicroWorld-eScan	Gen:Variant.Lazy.78769
FireEye	Gen:Variant.Lazy.78769
CAT-QuickHeal	Trojan.MSIL
ALYac	Gen:Variant.Lazy.78769
Cylance	Unsafe
K7AntiVirus	Hacktool ( 0058239b1 )
Alibaba	Trojan:MSIL/Obfuscated.de8edc31
K7GW	Hacktool ( 0058239b1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/HackTool.BruteForce.AJS
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Obfuscated.gen
BitDefender	Gen:Variant.Lazy.78769
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Gen:Variant.Lazy.78769
Emsisoft	Gen:Variant.Lazy.78769 (B)
TrendMicro	TROJ_GEN.R002C0WLA21
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S
GData	Gen:Variant.Lazy.78769
Jiangmin	Trojan.MSIL.alpmr
Antiy-AVL	Trojan/Generic.ASMalwS.34E8F7B
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Lazy.D133B1
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
McAfee	PUP-XRC-WK
MAX	malware (ai score=86)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.1980129836
TrendMicro-HouseCall	TROJ_GEN.R002C0WLA21
Yandex	Trojan.Obfuscated!XbcU40GC4Jg
Fortinet	MSIL/BruteForce.AJS!tr
AVG	Win32:TrojanX-gen [Trj]
Cybereason	malicious.92d44e
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove Malware.AI.1980129836?

Malware.AI.1980129836 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X