About “Malware.AI.253974794” infection

Malware.AI.253974794 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.253974794 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.253974794?


File Info:

name: F933BF16AB327DDE3BBD.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-02-16 14:45:18

Version Info:

0: [No Data]

Malware.AI.253974794 also known as:

Lionic: Trojan.Win32.Swisyn.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Inject3.37291
MicroWorld-eScan: Trojan.Multidropper.RI
FireEye: Generic.mg.f933bf16ab327dde
ALYac: Trojan.Multidropper.RI
Cylance: Unsafe
Zillya: Trojan.Swisyn.Win32.27612
Sangfor: Trojan.Win32.Swisyn.cpoi
Alibaba: TrojanDropper:Win32/Swisyn.1b234b07
CrowdStrike: win/malicious_confidence_70% (W)
BitDefenderTheta: AI:Packer.8DC415731C
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.QOW
APEX: Malicious
ClamAV: Win.Dropper.Agent-35504
Kaspersky: Trojan.Win32.Swisyn.cpoi
BitDefender: Trojan.Multidropper.RI
NANO-Antivirus: Trojan.Win32.SdBot.nciw
Avast: Win32:MultiDropper-N [Trj]
Tencent: Win32.Trojan.Swisyn.Xdkl
Ad-Aware: Trojan.Multidropper.RI
Emsisoft: Trojan.Multidropper.RI (B)
Comodo: Malware@#3rpdny5efvfiq
VIPRE: Trojan.Multidropper.RI
McAfee-GW-Edition: MultiDropper-RI
Trapmine: malicious.high.ml.score
Ikarus: Trojan.Multidropper.RI
Jiangmin: Backdoor/RBot.kgm
Webroot: W32.Malware.Gen
Google: Detected
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Multidropper.RI
ViRobot: Backdoor.Win32.IRCBot.1136640
ZoneAlarm: Trojan.Win32.Swisyn.cpoi
GData: Trojan.Multidropper.RI
Cynet: Malicious (score: 99)
AhnLab-V3: Worm/Win32.RL_IRCBot.R288714
McAfee: MultiDropper-RI
VBA32: Trojan.Swisyn
Malwarebytes: Malware.AI.253974794
Rising: Trojan.Win32.Meredrop.a (CLASSIC)
Yandex: Trojan.DR.Agent!g6C120cfmFQ
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Kolab.BEQ!worm
AVG: Win32:MultiDropper-N [Trj]
Cybereason: malicious.6ab327
Panda: Generic Malware

How to remove Malware.AI.253974794?

Malware.AI.253974794 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
