Malware.AI.2926948226 (file analysis)

The Malware.AI.2926948226 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2926948226 virus can do?

Drops a binary and executes it
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.2926948226?


File Info:
name: F126EF4F146DC0840D2E.mlw
path: /opt/CAPEv2/storage/binaries/0eb0da2d067a1bb4357d5622e70c8f6f1b25b54f8fb8755d8aae6af168968ec9
crc32: E491DA28
md5: f126ef4f146dc0840d2e0d4fec0518bb
sha1: 624d07d987fb55366e35c2531a3bbe68c09066db
sha256: 0eb0da2d067a1bb4357d5622e70c8f6f1b25b54f8fb8755d8aae6af168968ec9
sha512: 6e3e7badb346ea81930719f062da10dc4a2d377ef0c81dabd5a78c4e8353d0fdd9356abc49b655cd982f11d5dddf354aa5a4d0f5c9694bda189f63161781af1b
ssdeep: 12288:AWYqnwTrE3888888888888W88888888888RG7SgwlYj3tD4lTX+5VF0JVcPPA:HYqwTYDtBX+5T071
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T121C4F203B7C30832F57A0E798C65A1887C2BFA791ED1702A6EF8CD4D44BD1D25CB59A6
sha3_384: ae4ed173765f2ceae68845b72fc9467b22270d7a09224a80b39d404d84f09cc38291fe54b4820374900be32c11064274
ep_bytes: 558becb9080000006a006a004975f953
timestamp: 2013-10-31 10:13:11

Version Info:
CompanyName: IObit
FileDescription: Driver Backup Package
FileVersion: 1.1.0.0
InternalName: UpdateDB
LegalCopyright: Copyright© 2013 IObit. All Rights Reserved.
LegalTrademarks: IObit
OriginalFilename: SfxStub.exe
ProductName: Driver Booster
ProductVersion: 1.1.0.0
Comments: Driver Database Updater
Translation: 0x0409 0x04e4

Malware.AI.2926948226 also known as:

Bkav	W32.AIDetectMalware
CAT-QuickHeal	Trojan.GenericPMF.S2873331
McAfee	Artemis!F126EF4F146D
Malwarebytes	Malware.AI.2926948226
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (W)
Cyren	W32/Jacard.A.gen!Eldorado
Elastic	malicious (moderate confidence)
Cynet	Malicious (score: 100)
ClamAV	Win.Dropper.Genericrxjd-9884871-0
Sophos	Generic ML PUA (PUA)
McAfee-GW-Edition	BehavesLike.Win32.Generic.hc
Trapmine	malicious.moderate.ml.score
Jiangmin	Packed.Dico.dxt
Google	Detected
BitDefenderTheta	AI:Packer.759C860817
VBA32	Trojan.Wacatac
Cylance	unsafe
APEX	Malicious
Rising	Trojan.Generic@AI.100 (RDML:yjR2Oq+cKxs9+MX4OqBZgw)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.YARW!tr
DeepInstinct	MALICIOUS

How to remove Malware.AI.2926948226?

Malware.AI.2926948226 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X