How to remove “Malware.AI.2018257671”?

The Malware.AI.2018257671 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2018257671 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Binary compilation timestomping detected
Unusual version info supplied for binary

How to determine Malware.AI.2018257671?


File Info:
name: 68644F18703FAFFAE70A.mlw
path: /opt/CAPEv2/storage/binaries/020ad6379b8b59d1232bab5d3ce0004b8989ac2f397a05675fb1fe0c2d0fc711
crc32: EBD89666
md5: 68644f18703faffae70a1f25b7878e90
sha1: 4b37a80ce08cc078646fb95f69d366ea3ae76051
sha256: 020ad6379b8b59d1232bab5d3ce0004b8989ac2f397a05675fb1fe0c2d0fc711
sha512: 6ec06903e15929ad6e23f5414a2df0e6e9db0049cb0321ae1e1d045d7c91cc68c7e3f34ed461d18acd6765f4e3ea7ab24f269731d1fc911b3754beca3a1ab7fe
ssdeep: 6144:8WiCuoeAmV3n2J+Wi1T1XJQVn9h61jpjfoAJK+aWmXLp:8suoelVmJYZQVn9hMNTPJK/F
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2940728B5A5C91AE17E4BBAD0D0A05897B5B203E90ADF4F0DF18DF51E52B80CD065EF
sha3_384: 2bfbeb128a37738ad246257abbbe61bd8c2eb4738f3bd168030938ceaa1c1e8b2c7cb86afe78fe3587685adde7868881
ep_bytes: ff250020400000000000000000000000
timestamp: 2096-05-10 05:31:42

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Microsoft Copyright
FileVersion: 1.6.2.0
InternalName: out.exe
LegalCopyright: Microsoft Copyright ©  2021
LegalTrademarks: 
OriginalFilename: out.exe
ProductName: 
ProductVersion: 1.6.2.0
Assembly Version: 1.6.2.0

Malware.AI.2018257671 also known as:

Lionic	Trojan.MSIL.Coins.i!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.777717
FireEye	Generic.mg.68644f18703faffa
CAT-QuickHeal	Trojan.MsilFC.S24737043
McAfee	GenericRXQF-JR!68644F18703F
Malwarebytes	Malware.AI.2018257671
Zillya	Trojan.Agent.Win32.2527151
Sangfor	Infostealer.MSIL.Coins.gen
K7AntiVirus	Spyware ( 0057c16b1 )
Alibaba	TrojanPSW:MSIL/Coins.587fe8cd
K7GW	Spyware ( 0057c16b1 )
Cybereason	malicious.ce08cc
BitDefenderTheta	Gen:NN.ZemsilF.34182.zm0@aam7XLo
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Spy.Agent.DIG
TrendMicro-HouseCall	TROJ_GEN.R049C0PJ621
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-PSW.MSIL.Coins.gen
BitDefender	Gen:Variant.Bulz.777717
Avast	Win32:DropperX-gen [Drp]
Tencent	Msil.Trojan-qqpass.Qqrob.Wozs
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R049C0PJ621
Emsisoft	Gen:Variant.Bulz.777717 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1145058
MAX	malware (ai score=100)
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.Bulz.777717
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Gen.RL_Reputation.C4300952
VBA32	TScope.Trojan.MSIL
ALYac	Gen:Variant.Bulz.777717
APEX	Malicious
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:nNb38IQ9aTbCy9BmukCGJw)
Yandex	TrojanSpy.Agent!xFq+WqIQ3n0
Ikarus	Trojan.MSIL.Vmprotect
Fortinet	MSIL/Agent.DIG!tr.spy
AVG	Win32:DropperX-gen [Drp]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.2018257671?

Malware.AI.2018257671 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X