What is “Malware.AI.2645617770”?

The Malware.AI.2645617770 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2645617770 virus can do?

The binary contains an unknown PE section name indicative of packing
Executable file is packed/obfuscated with ASPack
Authenticode signature is invalid

How to determine Malware.AI.2645617770?


File Info:
name: A98AA72063F95933682D.mlw
path: /opt/CAPEv2/storage/binaries/8c176b1f7be1fb7f81d4ec20569b9aece9a95ef19cf42c5f7a027a8a2c1e9af6
crc32: 23335452
md5: a98aa72063f95933682d1b59956c19f3
sha1: 9055e9888e1e24a37b92e1ab7d699d05d6bde3f7
sha256: 8c176b1f7be1fb7f81d4ec20569b9aece9a95ef19cf42c5f7a027a8a2c1e9af6
sha512: d77bbee4e17f1c3662d6f79733f0c9a7c411426a4a19af8f4cc871662866f174ca63a2db31b6e72ea8af69dee73dfd05fe198b7cf2ff672a0d60d60d041c02f8
ssdeep: 384:BD2e4+cWbAqVGaUmLPQiCIgbQj/rhTGTAx9r6+Y9PffPz:BD2p+cWUqVG9uPQM/rhTGkxwbPr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B3626C62AF09C5F7C3CE193100A62D5EC7B98F309D31EC6B93923E9964BD4A0E558385
sha3_384: 8238f8bdb1ba17f148955187e667a6ee7409bbb9f1c211e4e73ec4db843df3c6d75c55f3cea9a17dcaf7464d8afe81d2
ep_bytes: 60e803000000e9eb045d4555c3e80100
timestamp: 2013-11-23 13:35:06

Version Info:
0: [No Data]

Malware.AI.2645617770 also known as:

Bkav	W32.AIDetect.malware1
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Lazy.194259
FireEye	Generic.mg.a98aa72063f95933
McAfee	GenericRXAA-FA!A98AA72063F9
Cylance	Unsafe
Sangfor	[ASPACK V2.12]
Cybereason	malicious.063f95
BitDefenderTheta	AI:Packer.3B5D6C601E
Cyren	W32/Wapomi.E.gen!Eldorado
Elastic	malicious (high confidence)
ClamAV	Win.Malware.Bdld-9770176-0
Kaspersky	VHO:Trojan.Win32.Sdum.gen
BitDefender	Gen:Variant.Lazy.194259
Avast	Win32:Wapomi-B
Tencent	Trojan.Win32.Small.aab
Ad-Aware	Gen:Variant.Lazy.194259
Emsisoft	Gen:Variant.Lazy.194259 (B)
Comodo	TrojWare.Win32.TrojanDownloader.Small.DAQ@66xsg0
McAfee-GW-Edition	BehavesLike.Win32.Generic.lm
SentinelOne	Static AI – Malicious PE
Trapmine	malicious.high.ml.score
Sophos	ML/PE-A
APEX	Malicious
GData	Gen:Variant.Lazy.194259
Avira	W32/Jadtre.C
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Downloader.R96148
Acronis	suspicious
MAX	malware (ai score=87)
Malwarebytes	Malware.AI.2645617770
Rising	Trojan.Agent!1.9CF8 (CLASSIC)
Yandex	Win32.Otwycal.Gen.2
Ikarus	Win32.Jadtre
Fortinet	W32/Wapomi.B!tr
AVG	Win32:Wapomi-B
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Malware.AI.2645617770?

Malware.AI.2645617770 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X