Malware.AI.2113604144 (file analysis)

The Malware.AI.2113604144 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2113604144 virus can do?

Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Malware.AI.2113604144?


File Info:
name: E51EB1AAD59B66F3F04C.mlw
path: /opt/CAPEv2/storage/binaries/ba21b8a78e7e1b0577c9c52a32c1a59cfe9fc2aeebe243e6b85cff91906b1e1a
crc32: 9A7D7900
md5: e51eb1aad59b66f3f04ca7e38d4e3ac5
sha1: f1818dfcf760fd2787136afc8e8479c3d12272d3
sha256: ba21b8a78e7e1b0577c9c52a32c1a59cfe9fc2aeebe243e6b85cff91906b1e1a
sha512: 3f6304c590915a2d467433244aa34d23039fc5f3ca09e8f2d0c30cf849409c3b1245a692625e07296cc7fbbe72c7e4a201f5948ec7a5442b3e40fb50838ec84c
ssdeep: 3072:puxkZuTXJbS0B3qIXCyB4oVEs53yxUvskJWAI8eUpLZ:pSVBa7sfVEs5kkD7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13CB3F19176F0C4BBE06B2B31886FD7B6D33AEE4159015A974B603F6F393A2438906357
sha3_384: 4ffaa1ad10bcbe07a799ab9132b4251f5ea379cf927dffbe0e6ec8fe3ce08ce4d9a591a8721dca979ce493ccb0779a57
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:52:06

Version Info:
FileDescription: 
FileVersion: 1.0.0.3
LegalCopyright: 
ProductVersion: 1.0.0.3
Translation: 0x0000 0x04e4

Malware.AI.2113604144 also known as:

Lionic	Adware.NSIS.Rocketfuel.m9JP
FireEye	Adware.GenericKD.12635101
McAfee	Artemis!E51EB1AAD59B
Cylance	Unsafe
Alibaba	AdWare:Win32/Rocketfuel.16938bea
Cybereason	malicious.ad59b6
Symantec	SMG.Heur!gen
APEX	Malicious
Kaspersky	not-a-virus:AdWare.NSIS.Rocketfuel.a
BitDefender	Adware.GenericKD.12635101
NANO-Antivirus	Riskware.Nsis.Adw.eaywrl
MicroWorld-eScan	Adware.GenericKD.12635101
Tencent	Nsis.Adware.Rocketfuel.Ahog
Ad-Aware	Adware.GenericKD.12635101
Sophos	Generic PUA PB (PUA)
DrWeb	Adware.Downware.8721
TrendMicro	TROJ_GEN.R002C0OKR21
McAfee-GW-Edition	BehavesLike.Win32.Generic.cc
Emsisoft	Adware.GenericKD.12635101 (B)
GData	Adware.GenericKD.12635101
eGambit	Unsafe.AI_Score_60%
MAX	malware (ai score=60)
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	Adware.Generic.DC0CBDD
ViRobot	Adware.Rocketfuel.112774
Microsoft	Program:Win32/Wacapew.C!ml
AhnLab-V3	PUP/Win32.Bundler.R127935
ALYac	Adware.GenericKD.12635101
VBA32	AdWare.Rocketfuel
Malwarebytes	Malware.AI.2113604144
TrendMicro-HouseCall	TROJ_GEN.R002C0OKR21
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.2113604144?

Malware.AI.2113604144 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X