About “Malware.AI.219555532” infection

The Malware.AI.219555532 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.219555532 virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
Presents an Authenticode digital signature
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Malware.AI.219555532?


File Info:
name: 124CE2AF7DA0A91F5AFB.mlw
path: /opt/CAPEv2/storage/binaries/b79345d3e09413e5ab3093c3ff11faa91090b065012122e367039772cc3821c0
crc32: ED4E19D2
md5: 124ce2af7da0a91f5afb3d8a246882a9
sha1: c5cb1d475a93e8a1832acf74fd361a4c136d7d52
sha256: b79345d3e09413e5ab3093c3ff11faa91090b065012122e367039772cc3821c0
sha512: 46b23a1d850cd1c9f29f224334831fbfe333f5359af610b29348018de428a9c3a1d1b4a904db457bb3a545f25e88849508225270a0545f89332320fbb1b2e08a
ssdeep: 6144:4mwVSFKfXJQN4VxDLxCmdUZ/c+uucY5nO09pmw5+0:4mBFexDLxCmdUZ/c+uucY5nO09pmw51
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T169444B39D8709929EA4D7FF09BF39B9828196E2007480597BE0E1E458F5FFF46067293
sha3_384: 2629b42e2c916f76e3539ed1280b60c3de169334a5a5177969b778d56aaab88458441c73fabffe27d0b55fe8d68281bb
ep_bytes: e807300000e9a4feffff3b0d04b14300
timestamp: 2023-06-11 12:29:17

Version Info:
Comments: Il s'agit d'une application légitime.
CompanyName: Schneider Electric SE
FileDescription: Schneider Electric SE Produit
FileVersion: 381
InternalName: ApplicationInterne
LegalCopyright: Droit d'auteur Â© Schneider Electric SE Tous droits réservés.
LegalTrademarks: Marques déposées Â© Schneider Electric SE
OriginalFilename: app.exe
ProductName: Application
ProductVersion: 381
Translation: 0x0407 0x04b0

Malware.AI.219555532 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Midie.124942
Malwarebytes	Malware.AI.219555532
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
BitDefenderTheta	Gen:NN.ZexaF.36250.pq2@a4uveNki
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/GenKryptik.GKPI
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	UDS:Trojan-Spy.Win32.Stealer.gen
BitDefender	Gen:Variant.Midie.124942
Avast	PWSX-gen [Trj]
Emsisoft	Gen:Variant.Midie.124942 (B)
VIPRE	Gen:Variant.Midie.124942
McAfee-GW-Edition	BehavesLike.Win32.Generic.dh
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.124ce2af7da0a91f
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Midie.124942
MAX	malware (ai score=82)
Arcabit	Trojan.Midie.D1E80E
ZoneAlarm	UDS:Trojan-Spy.Win32.Stealer.gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Google	Detected
Cylance	unsafe
Ikarus	AdWare.Lollipop
MaxSecure	Spy.W32.Stealer.gen_269358
AVG	PWSX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Malware.AI.219555532?

Malware.AI.219555532 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X