About “Malware.AI.2654736912” infection

The Malware.AI.2654736912 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2654736912 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.2654736912?


File Info:
name: 6720BA014BDB078E95E5.mlw
path: /opt/CAPEv2/storage/binaries/1ee072c6dbbbdc5872318096b78f29201f50295b2cd2cdbe66f23af5e78e2816
crc32: 08A80501
md5: 6720ba014bdb078e95e521a30365679d
sha1: c9ebea3705e6ad895d2dc324980c5ebc2b928afd
sha256: 1ee072c6dbbbdc5872318096b78f29201f50295b2cd2cdbe66f23af5e78e2816
sha512: c8a025e09ebd9fdba1a721dde529f9a18146447867b836f20e48e34976b5eb2dc3a5017cb47d9cefc2973f2742b98c6b12d34f53797ed51c8577fedaa4be7a72
ssdeep: 24576:pdRACYT/mmDTk+VxahN3T/8TWV08+jw80WFks:H7YTe4TvVsh5/8mSU80W
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15425CF2ABEE2D036D1326071995ED34825B9BC310C278957B7CC676E1F301E29B35EB6
sha3_384: c4f5a9bb684f96b16c3ddfe99dc29d6d2c81fd5e82703dd9edceca4877eecff43d47e37732a3d4daf64c25f5ceb8801f
ep_bytes: e8da060000e97afeffff558bec6aff68
timestamp: 2020-12-09 09:47:27

Version Info:
CompanyName: Oracle Corporation
FileDescription: Java Update Scheduler
FileVersion: 2.8.281.9
Full Version: 2.8.281.9
InternalName: Java Update Scheduler
LegalCopyright: Copyright © 2020
OriginalFilename: jusched.exe
ProductName: Java Platform SE Auto Updater
ProductVersion: 2.8.281.9
Translation: 0x0409 0x04b0

Malware.AI.2654736912 also known as:

Bkav	W32.AIDetectMalware
DrWeb	Win32.Beetle.2
MicroWorld-eScan	Gen:Variant.Doina.63197
Malwarebytes	Malware.AI.2654736912
K7AntiVirus	Trojan ( 005ab4bf1 )
K7GW	Trojan ( 005ab4bf1 )
BitDefenderTheta	Gen:NN.ZexaF.36662.7u0@a4KYKQmP
Cyren	W32/Patched.GQ1.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Patched.NKM
APEX	Malicious
Kaspersky	VHO:Backdoor.Win32.Convagent.gen
BitDefender	Gen:Variant.Doina.63197
NANO-Antivirus	Virus.Win32.Gen-Crypt.ccnc
Avast	Win32:Malware-gen
Rising	Trojan.Generic@AI.100 (RDML:oQP5P+KoNVErS8jIxazwKA)
Emsisoft	Gen:Variant.Doina.63197 (B)
VIPRE	Gen:Variant.Doina.63197
McAfee-GW-Edition	BehavesLike.Win32.Sality.dc
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.6720ba014bdb078e
GData	Win32.Trojan.PSE.JLK9HC
Google	Detected
MAX	malware (ai score=88)
Antiy-AVL	Trojan/Win32.Wacatac
Arcabit	Trojan.Doina.DF6DD
ZoneAlarm	VHO:Backdoor.Win32.Convagent.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Malware/Win.Generic.R603665
VBA32	BScope.TrojanDownloader.Emotet
ALYac	Gen:Variant.Doina.63197
Tencent	Malware.Win32.Gencirc.13eeb1ae
Ikarus	Trojan.Win32.Patched
Fortinet	W32/Patched.IP!tr
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.2654736912?

Malware.AI.2654736912 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X