Malware.AI.3105800648 malicious file

The Malware.AI.3105800648 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3105800648 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3105800648?


File Info:
name: 7BD0491E641CCFC0DBED.mlw
path: /opt/CAPEv2/storage/binaries/c45e308d032ccd788b39367e3db25b7069ed56a42b18076dbb329c6dfa8508a7
crc32: 60E8BD51
md5: 7bd0491e641ccfc0dbed931da7b81504
sha1: fa46da2c6f347133b3206e72cca682058a8b9cb4
sha256: c45e308d032ccd788b39367e3db25b7069ed56a42b18076dbb329c6dfa8508a7
sha512: 14c2194347afd46d83a3399573ed3b4b07f6a98cde5acf1cfef170681f09c7b63885a098a315c60100d16075d0a9bb610378cd16931b948610802c486647532e
ssdeep: 3072:NhMpLbRQkB4ttc8EBGbbNOQcoQntK+C7VieM3SFZNt9cy+z:NhsLbRQkB4tGBkb4QTQwX3MmIL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BFC3AE00279C8999D19E99B8DCA6414246B0DD3B2001CB6EBCD438DBAB5FBC716067EF
sha3_384: f62263414fd0bdf0f5c51001398ebef56600ae372501e710657e5b8575a5715fdb9949f07ec8e9de7a0d7d3fd4b11fe3
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-12-12 00:37:34

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: Mozilla
FileDescription: Firefox
FileVersion: 18.5.0.0
InternalName: 7zS.sfx
LegalCopyright: Mozilla
LegalTrademarks: 
OriginalFilename: 7zS.sfx
ProductName: Firefox
ProductVersion: 18.5.0.0
Assembly Version: 18.5.0.0

Malware.AI.3105800648 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	IL:Trojan.MSILZilla.2627
CAT-QuickHeal	Backdoor.MsilFC.S23227500
ALYac	IL:Trojan.MSILZilla.2627
Cylance	Unsafe
Arcabit	IL:Trojan.MSILZilla.DA43
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Agent.CFQ
APEX	Malicious
ClamAV	Win.Packed.Samas-8025724-0
Kaspersky	HEUR:Backdoor.MSIL.DcRat.gen
BitDefender	IL:Trojan.MSILZilla.2627
Avast	Win32:BackdoorX-gen [Trj]
Rising	Backdoor.AsyncRAT!1.C3F4 (CLASSIC)
Ad-Aware	IL:Trojan.MSILZilla.2627
Emsisoft	IL:Trojan.MSILZilla.2627 (B)
DrWeb	BackDoor.AsyncRATNET.2
McAfee-GW-Edition	GenericRXQL-LI!7BD0491E641C
FireEye	Generic.mg.7bd0491e641ccfc0
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1145685
Microsoft	Backdoor:MSIL/AsyncRat.AD!MTB
GData	MSIL.Backdoor.DCRat.C
Cynet	Malicious (score: 100)
McAfee	GenericRXQL-LI!7BD0491E641C
MAX	malware (ai score=87)
Malwarebytes	Malware.AI.3105800648
Ikarus	Trojan.MSIL.Agent
eGambit	Unsafe.AI_Score_99%
Fortinet	MSIL/CoinMiner.CFQ!tr
BitDefenderTheta	Gen:NN.ZemsilF.34084.hm0@aqK4pIk
AVG	Win32:BackdoorX-gen [Trj]
Cybereason	malicious.c6f347
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove Malware.AI.3105800648?

Malware.AI.3105800648 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X