Malware.AI.2159405886 removal

The Malware.AI.2159405886 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2159405886 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Executable file is packed/obfuscated with ASPack
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.2159405886?


File Info:
name: E525C19AB2A182DD82B9.mlw
path: /opt/CAPEv2/storage/binaries/92e7c74e0cc6e7f6289eba4e395c399478409e9448a6f2cc5cdf5d7ea566c2cf
crc32: 6C35BC6F
md5: e525c19ab2a182dd82b9791ffd2ae20c
sha1: 4d284a241ec7ad333926e9ac1d6f2812da3ab239
sha256: 92e7c74e0cc6e7f6289eba4e395c399478409e9448a6f2cc5cdf5d7ea566c2cf
sha512: f3b0794563c223e88e7e55c8a890143e06ef58015158f0612c88908c5a9f2a91e7af83e97b76cbae913593900be180e5d52c39ee0dbaefbe7edc027d306c5edc
ssdeep: 768:/VF3CCgNINHcNhwAGLx0v7fHTQzRssMmP8tmP8yQzRss3:dFJVcNhwAlPQzRssMm0tm0yQzRss
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BC6384221B9DBDD9E19E2A75193973105AA2E85493E04BCF4F9025EE6C320D3FC3275B
sha3_384: 37aab4a92105f81201888e6986c69f7480c1ddd416e364432aa37f521d3b8675a596e600fa9e746e74a2f2ad999b1f09
ep_bytes: 8b6845408b8bff1530ff8bff68cc6a30
timestamp: 2071-10-08 19:21:25

Version Info:
0: [No Data]

Malware.AI.2159405886 also known as:

Bkav	W32.AIDetect.malware1
DrWeb	Trojan.Upatre.100
MicroWorld-eScan	Gen:Variant.Mikey.30054
FireEye	Generic.mg.e525c19ab2a182dd
CAT-QuickHeal	Trojanpwszbot.Gsb
ALYac	Gen:Variant.Mikey.30054
Malwarebytes	Malware.AI.2159405886
Zillya	Downloader.Agent.Win32.508706
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZexaF.36164.eyY@aiDJf!j
Cyren	W32/Bredolab.L.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
ClamAV	Win.Malware.Upatre-6740969-0
Kaspersky	HEUR:Trojan-Downloader.Win32.Agent.gen
BitDefender	Gen:Variant.Mikey.30054
NANO-Antivirus	Trojan.Win32.Upatre.dggcix
Avast	Win32:Agent-AULS [Trj]
Tencent	Malware.Win32.Gencirc.10bea5f5
Emsisoft	Gen:Variant.Mikey.30054 (B)
F-Secure	Trojan.TR/Redcap.cafaj
Baidu	Win32.Trojan-Downloader.Waski.a
VIPRE	Gen:Variant.Mikey.30054
TrendMicro	TROJ_GEN.R03BC0DDQ23
McAfee-GW-Edition	BehavesLike.Win32.Generic.kz
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Mikey.30054
Google	Detected
Avira	TR/Redcap.cafaj
MAX	malware (ai score=87)
Antiy-AVL	Trojan[Downloader]/Win32.Agent
Xcitium	TrojWare.Win32.TrojanDownloader.Waski.EB@5j320p
Arcabit	Trojan.Mikey.D7566
ZoneAlarm	HEUR:Trojan-Downloader.Win32.Agent.gen
Microsoft	Trojan:Win32/PWSZbot.GSB!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.PWSZbot.R569250
Acronis	suspicious
McAfee	Artemis!E525C19AB2A1
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BC0DDQ23
Rising	Downloader.Agent!8.B23 (TFE:2:R5mULGmjPKH)
Ikarus	Trojan.Win32.PWSZbot
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Agent-AULS [Trj]
DeepInstinct	MALICIOUS

How to remove Malware.AI.2159405886?

Malware.AI.2159405886 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X