What is “Malware.AI.3097187314”?

Malware.AI.3097187314 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3097187314 virus do?

  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.3097187314?


File Info:

name: F4BA7A4A0D7D612B186E.mlw
path: /opt/CAPEv2/storage/binaries/83b8e09bac483b4b63a0ad84657fcaa1b0ff8e81c6081b027247c584064b5245
crc32: 9B79CEEE
md5: f4ba7a4a0d7d612b186e41bd6ffb34ca
sha1: eaafc5aafcd004b4e9fc1bdf6e014c2fbe5b9485
sha256: 83b8e09bac483b4b63a0ad84657fcaa1b0ff8e81c6081b027247c584064b5245
sha512: b06edae5535ab6da95466f425df36538c1a060762197b66b8b8db1ae966bcd0434a73478f6b73ab0dd6026f35ddf6f15c0ee90168c0df162f91ab80cd9aca2c1
ssdeep: 24576:W8On6F43nuBsbSAOidYrovp4Tp9aQCoGsXHRKx/WnSyhbzv8O0X:NOyBMO+YrovpU/96WSytLdu
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T125859D316EB0807AD6AAD5B1BE7F8568E539BD3086F0486F13A57F383F711A05A31316
sha3_384: db4bda586681b07b8ccf4de09cb2ed139a27abd776e3f7b4087fba7b4c58a4cd0a7dc600634c7bf1ef160b3c72e23f63
ep_bytes: e829040000e9a9fdffffcccccccccc8b
timestamp: 2016-01-29 01:25:53

Version Info:

Platform: NT
LegalTrademarks: Microsoft SQL Server is a registered trademark of Microsoft Corporation.
Comments: SQL
GoldenBits: False
CompanyName: Microsoft Corporation
FileDescription: SQL External minidumper
FileVersion: 2011.0110.9167.944 ((BI_Office_Stab).160128-1649)
InternalName: SqlDumper
LegalCopyright: Microsoft Corp. All rights reserved.
OriginalFilename: SqlDumper.exe
ProductName: Microsoft SQL Server
ProductVersion: 11.0.9167.944
Translation: 0x0409 0x04b0

Malware.AI.3097187314 is also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.f4ba7a4a0d7d612b
McAfee: GenericRXRH-RQ!F4BA7A4A0D7D
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Alibaba: Backdoor:Win32/Bladabindi.e16fd328
Cyren: W32/Bladabindi.B.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Avast: Win32:VB-FBX
ClamAV: Win.Malware.Bulz-9871427-0
DrWeb: Win32.HLLW.Autoruner.547
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
Sophos: Mal/Generic-S
GData: Win32.Trojan.Agent.VNP9Y6
Avira: HEUR/AGEN.1141745
Antiy-AVL: Trojan/Generic.ASBOL.C6BA
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
ALYac: Gen:Trojan.Heur.bu0bsu6yu7db
Malwarebytes: Malware.AI.3097187314
TrendMicro-HouseCall: TROJ_GEN.R03BH0CA422
Rising: Worm.VB!1.DA41 (CLASSIC)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Bladabindi.F676!tr
AVG: Win32:VB-FBX
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.121218.susgen

How to remove Malware.AI.3097187314?

Malware.AI.3097187314 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.