About “Malware.AI.2913406615” infection

The Malware.AI.2913406615 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2913406615 virus can do?

Yara rule detections observed from a process memory dump/dropped files/CAPE
Unconventionial language used in binary resources: Spanish (Argentina)
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.2913406615?


File Info:
name: DE2D7EA33FB435C397DF.mlw
path: /opt/CAPEv2/storage/binaries/539154be5b00261a09b15627b6023061196f98f3bda7c17afed9fd9f59d805b5
crc32: 6BEE20AA
md5: de2d7ea33fb435c397df4e45d9037edb
sha1: 2de33bdb8f68cecd1a45ffa3fc8dd42883f402b3
sha256: 539154be5b00261a09b15627b6023061196f98f3bda7c17afed9fd9f59d805b5
sha512: 8c0ec08ef757f13ec9d2f9911944e0138cbfec425dbebd9c661eb34d587a34e4abff66ea2c3f68bbc6e41be204af109574d72c262af03bd42d66f0baafc093e8
ssdeep: 3072:dbzHwa2Ona8j7hrh+BY2XGsc8iogODTnLM1wJHRQXNetTRZzFPk2I111KYTI1Uki:dbzHwzOnai7hrhoYx1wJHRQmHMzTy1A
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11B64E511B140D1FDD54AC1B8537483B74227BE6254F6F83AFB842929AE74142F272EFA
sha3_384: 9482a4edc70b93f42ca80c9115412922901b0d1577149c7ae3bdfa88ba7e03365922ccd9014d7c2cafe5d89d5dd1066f
ep_bytes: 8bec609ce99f8b0300ff558bec81ec28
timestamp: 2012-11-22 15:59:05

Version Info:
0: [No Data]

Malware.AI.2913406615 also known as:

Bkav	W32.AIDetect.malware2
Elastic	Multi.Trojan.Coreimpact
MicroWorld-eScan	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
ClamAV	Win.Malware.Midie-9958370-0
ALYac	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.33fb43
ESET-NOD32	a variant of Win32/Bipfam.A
APEX	Malicious
Cynet	Malicious (score: 99)
Kaspersky	VHO:Trojan.Win32.Convagent.gen
BitDefender	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
NANO-Antivirus	Virus.Win32.Gen.ccmw
Avast	Win32:MalOb-FE [Cryp]
Ad-Aware	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
Emsisoft	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi (B)
DrWeb	BackDoor.Poison.15536
VIPRE	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
FireEye	Generic.mg.de2d7ea33fb435c3
SentinelOne	Static AI – Suspicious PE
Avira	TR/Crypt.XPACK.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Arcabit	Trojan.Heur2.RP.ECBBAC
GData	Gen:Trojan.Heur2.RP.tqW@bCa5iPOi
Google	Detected
AhnLab-V3	Trojan/Win.Injector.R535442
MAX	malware (ai score=89)
VBA32	Backdoor.Poison
Malwarebytes	Malware.AI.2913406615
Rising	Backdoor.Hupigon!8.B57 (TFE:4:0KrkP0A8pbD)
Yandex	Trojan.GenAsa!//VjEvhpJWQ
Ikarus	Trojan.Win32.Pincav
Fortinet	W32/Injector.BDTE!tr
BitDefenderTheta	AI:Packer.F0CD51FF20
AVG	Win32:MalOb-FE [Cryp]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.2913406615?

Malware.AI.2913406615 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X