About “Malware.AI.3101915807” infection

The Malware.AI.3101915807 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3101915807 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3101915807?


File Info:
name: 244293B785CA00467EB9.mlw
path: /opt/CAPEv2/storage/binaries/b51f54077f02e53841164ef6bc61afc51fe5f4c216bef2dd4c77c3a91d0a01cf
crc32: 93861089
md5: 244293b785ca00467eb9833923668b27
sha1: 2ab17d7e61a08a0b885cd2972a4bb8156df752b3
sha256: b51f54077f02e53841164ef6bc61afc51fe5f4c216bef2dd4c77c3a91d0a01cf
sha512: 024e7b605a310b134f9c417d39bfec533551aa5fa18737be8b9d39b3352aa7cfcddb4d7238e4dd5e2a0f1b2aa899e53ba75cd038422df58236e2466a5db00a58
ssdeep: 24576:QPMVzIibvK7ofcK7oLaK7oUjrqGqI7zrfW:lj09jJzrf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13365304B7FD4C121E1AA4A301C6F9FD815EEBC536C21B25B2D889B1E9CB0660795273F
sha3_384: 91ca74deb872e96aac4c7b9523f178b09552deeb44f4aced42c11cd63743b88a823b9f3f603c30d77fb8595867186911
ep_bytes: 60be00007d008dbe0010c3ff5783cdff
timestamp: 2017-03-10 21:34:45

Version Info:
CompanyName: National Instruments
FileDescription: National Instruments Installer
FileVersion: 17.0.0.207
InternalName: MetaInstaller
LegalCopyright: Copyright © 2003-2017. All Rights Reserved.
OriginalFilename: Setup.exe
ProductName: National Instruments Installer
ProductVersion: 17.0.0

Malware.AI.3101915807 also known as:

Cylance	Unsafe
Elastic	malicious (moderate confidence)
APEX	Malicious
McAfee-GW-Edition	Artemis
Trapmine	suspicious.low.ml.score
Avira	HEUR/AGEN.1214978
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
McAfee	Artemis!244293B785CA
Malwarebytes	Malware.AI.3101915807
Fortinet	W32/ULPM.16C0!tr

How to remove Malware.AI.3101915807?

Malware.AI.3101915807 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X