Should I remove “Malware.AI.2488916850”?

The Malware.AI.2488916850 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2488916850 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.2488916850?


File Info:
name: 9D5B84AE8DBEB604478E.mlw
path: /opt/CAPEv2/storage/binaries/039674c8e00a56a48fe5c5418c122cf95838703a853435d5189e1b338ed49d0b
crc32: 53C22E1B
md5: 9d5b84ae8dbeb604478ec3a089f2c6c5
sha1: 8c56a9e041e7236027d6a6166b37442d3e6ff4a1
sha256: 039674c8e00a56a48fe5c5418c122cf95838703a853435d5189e1b338ed49d0b
sha512: 59668f2e00a5c9339679097d1392fa5e59b452d495162ef6b9a40ff5d88c29a738e3f98e95da9955be86f45295ce1efbd3b359214e0aa8e3e4f96ee9fc728a8a
ssdeep: 12288:nBaqzPTY53of4XgbXZqHfdQCaIY//RnhOWrZVoexdqCLH31Ii3Dn:nHPYPwbXZq6C7Y/5kWrZVoe/1LH3bDn
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T197C423C8F1C8521BE63E4B71CC2650EA6514DFF2A68266ABB2EB716EC0FFC505D17024
sha3_384: b1396a06917c6c6ed41c54ebbc8d81f252289c8eacdb44d15fe58a9d26510e45ce7d19c1df0d34c79cf9e15e42ee7aba
ep_bytes: e873030000e9b3fdffff8bff558bec8b
timestamp: 2011-06-27 09:39:16

Version Info:
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 7.0.0.147
Full Version: 1.7.0-b147
InternalName: keytool
LegalCopyright: Copyright © 2011
OriginalFilename: keytool.exe
ProductName: Java(TM) Platform SE 7
ProductVersion: 7.0.0.147
Translation: 0x0000 0x04b0

Malware.AI.2488916850 also known as:

Elastic	malicious (high confidence)
DrWeb	Win32.Expiro.153
MicroWorld-eScan	Win32.Expiro.Gen.7
FireEye	Generic.mg.9d5b84ae8dbeb604
CAT-QuickHeal	W32.Expiro.H5
ALYac	Win32.Expiro.Gen.7
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Virus ( 0059041f1 )
K7GW	Virus ( 0059041f1 )
Cyren	W32/Expiro.AU.gen!Eldorado
ESET-NOD32	a variant of Win32/Expiro.CN
APEX	Malicious
ClamAV	Win.Virus.Expiro-9972211-0
Kaspersky	Virus.Win32.Moiva.a
BitDefender	Win32.Expiro.Gen.7
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	Win32:Vitro [Inf]
Tencent	Virus.Win32.VirMoiva.a
Ad-Aware	Win32.Expiro.Gen.7
Emsisoft	Win32.Expiro.Gen.7 (B)
VIPRE	Win32.Expiro.Gen.7
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
Google	Detected
Avira	TR/Patched.Gen
Antiy-AVL	Trojan/Generic.ASVirus.317
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Win32.Expiro.Gen.7
Cynet	Malicious (score: 100)
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.2488916850
Rising	Trojan.Generic@AI.83 (RDML:ogbxFt8j4VpV07d4HgvaPA)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Expiro.NDP!tr
AVG	Win32:Vitro [Inf]
Panda	W32/Moyv.A

How to remove Malware.AI.2488916850?

Malware.AI.2488916850 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X