About “Malware.AI.2703350824” infection

The Malware.AI.2703350824 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2703350824 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.2703350824?


File Info:
name: 4128326AA15779814FB4.mlw
path: /opt/CAPEv2/storage/binaries/f032b2d0fbe38cc41fb0500a5406bc4cc5cedcb3c1f9eb61731508d80759b6b2
crc32: 28850C92
md5: 4128326aa15779814fb4ae6d9c36752b
sha1: a311371ba1185a3d719e2fb7c37b8731757c82e2
sha256: f032b2d0fbe38cc41fb0500a5406bc4cc5cedcb3c1f9eb61731508d80759b6b2
sha512: 28bff054724e5ad1836a61fdd28148231081624777861db56d99aa26505d63176b5f598a77ccf84b1dff0070703689ac7ecca373c65e17685380f74fb0703b43
ssdeep: 6144:zVdVdVdVF+hs+hq4otR/Y3vY3vY3vY3vY3/ACWACefffJRzbNry:ZXXXf4oYggggPfffnbw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10D7412CB64E4C3AAD2B150B738758529353C14FB45A27C8AC85A6127FD78C2ED74BC2E
sha3_384: e255c0d9173e49d3322d0113bb29a5ae226d27b8381aec4dd7e38d72667903eab4873e0ca6f8b2781e65d90e11be0833
ep_bytes: 3f490f00ab3f7f564295b5287fcfd116
timestamp: 2017-02-12 00:16:41

Version Info:
0: [No Data]

Malware.AI.2703350824 also known as:

Lionic	Trojan.Win32.Generic.4!c
FireEye	Generic.mg.4128326aa1577981
Skyhigh	BehavesLike.Win32.Generic.fc
McAfee	RDN/Generic.dx
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 004bcce41 )
K7AntiVirus	Trojan ( 004bcce41 )
Elastic	malicious (moderate confidence)
APEX	Malicious
F-Secure	Heuristic.HEUR/AGEN.1352767
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
Avira	HEUR/AGEN.1352767
Kingsoft	malware.kb.b.993
Xcitium	Packed.Win32.MUPX.Gen@24tbus
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Generic.C5270311
BitDefenderTheta	Gen:NN.ZexaF.36792.wmX@aS3end
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.2703350824
TrendMicro-HouseCall	TROJ_GEN.R002H06E423
Rising	Trojan.Generic@AI.100 (RDML:FwFpZ39UVU+bpokW+8DK7A)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Malicious_Behavior.SB
AVG	Win32:Malware-gen
Cybereason	malicious.ba1185
Avast	Win32:Malware-gen

How to remove Malware.AI.2703350824?

Malware.AI.2703350824 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X