Malware.AI.2418082301 removal instruction

The Malware.AI.2418082301 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2418082301 virus can do?

Anomalous .NET characteristics
Anomalous binary characteristics

How to determine Malware.AI.2418082301?


File Info:
name: C138CB29C9D124BF1EBA.mlw
path: /opt/CAPEv2/storage/binaries/52dc5741882df4d11d8b4b2bb3ae60ebee6f6baac7220cc26bc41076f80b7efa
crc32: 73D6550A
md5: c138cb29c9d124bf1ebaaabcad47a4e0
sha1: ccb5a98a2c43969505cdb15b991ae8ffe5fe1480
sha256: 52dc5741882df4d11d8b4b2bb3ae60ebee6f6baac7220cc26bc41076f80b7efa
sha512: 0d68b198fcaa922e617346316575e00e703319c32467b2200dcb1c80199604bce88e91758479413d5960203b111fbaadd5d02129f7dd0dc29510439bd6f0e89a
ssdeep: 96:lMuzbEdYh4C/yjvJZkA3fO792+ab3CrXT2vT4NgRm6Z8TWIcTIoDK4WwOgzNt:lMIEWh4CbAP492+A3MjuTy7TWImA4Wu
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T134F1D701B3FC8219F5FE4F7928BA67005675FA934E13C36F5C85416A2D32710CAA2BB2
sha3_384: 13afa0f2b417d9e0e6b803fc02b80659857992954664b0aa20a0d07497598f3e8153ae98b046131fd00ee61b1e4c6593
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-11-21 10:09:24

Version Info:
Translation: 0x0000 0x04b0
Comments: Shell Infrastructure Host
FileDescription: Shell Infrastructure Host
FileVersion: 10.0.19041.746
InternalName: 3-watchdog.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: 3-watchdog.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 0.0.0.0

Malware.AI.2418082301 also known as:

Lionic	Trojan.MSIL.Miner.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.38093528
FireEye	Generic.mg.c138cb29c9d124bf
McAfee	Artemis!C138CB29C9D1
K7AntiVirus	Trojan ( 0057f9af1 )
Alibaba	Trojan:MSIL/Miner.a1570a25
K7GW	Trojan ( 0057f9af1 )
Cyren	W64/MSIL_Coinminer.C.gen!Eldorado
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of Win32/CoinMiner.CGV
TrendMicro-HouseCall	TROJ_GEN.R002C0WKN21
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Miner.gen
BitDefender	Trojan.GenericKD.38093528
Avast	Win64:CoinminerX-gen [Trj]
Tencent	Win32.Trojan.Coinminer.Suxc
Ad-Aware	Trojan.GenericKD.38093528
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0WKN21
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.GenericKD.38093528 (B)
Ikarus	Trojan.Win32.CoinMiner
GData	Trojan.GenericKD.38093528
eGambit	Unsafe.AI_Score_82%
Avira	HEUR/AGEN.1143065
Gridinsoft	Ransom.Win64.Sabsik.sa
Arcabit	Trojan.Generic.D24542D8
Microsoft	Trojan:Script/Phonzy.A!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4705070
VBA32	Trojan.MSIL.Miner
ALYac	Trojan.GenericKD.38093528
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.2418082301
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/CoinMiner.CGV!tr
AVG	Win64:CoinminerX-gen [Trj]
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Malware.AI.2418082301?

Malware.AI.2418082301 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X