Malware.AI.3156691918 malicious file

The Malware.AI.3156691918 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3156691918 virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Unconventionial language used in binary resources: Russian
Anomalous binary characteristics

How to determine Malware.AI.3156691918?


File Info:
crc32: 021BFAE4
md5: 84ab0c2b10006c87b8518f8d9084b067
name: 84AB0C2B10006C87B8518F8D9084B067.mlw
sha1: 387ffc10d6dd4e776b4a1a8ac030db9798635d55
sha256: e84521d881b5ce38a6722ae06a694ad1782746283e62d5a2dfb6e5e79cc121a9
sha512: c899d6292ef0a48fd55fe17ae643f0d6144a3fe76cdae2ff7b9b2d418ca9c073978fe239edbb590083cce0cc2a15ba136afd3f536e69eeb3c32ef12d974f1656
ssdeep: 3072:EobpjNav9uF06wwI2j0L2CV26FmDizrvHQTULz0oL:Eobps9S06ww/YL2CV264AdL
type: MS-DOS executable, MZ for MS-DOS

Version Info:
InternalName: c m d
FileVersion: 2.66
CompanyName:  NirSoft
ProductName:  NirCmd
ProductVersion: 2.66
FileDescription:  NirCmd
OriginalFilename:  NirCmd.exe 
Translation: 0x0409 0x04b1

Malware.AI.3156691918 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.5047
MicroWorld-eScan	Gen:Variant.Ransom.CryptXXX.1
FireEye	Generic.mg.84ab0c2b10006c87
Qihoo-360	HEUR/QVM19.1.A4F0.Malware.Gen
McAfee	RDN/Ransom
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0052964f1 )
BitDefender	Gen:Variant.Ransom.CryptXXX.1
K7GW	Trojan ( 0052964f1 )
Cybereason	malicious.b10006
BitDefenderTheta	Gen:NN.ZexaF.34590.hq0@aaQHyQaQ
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	UDS:DangerousObject.Multi.Generic
NANO-Antivirus	Virus.Win32.Gen.ccmw
Rising	Malware.Heuristic!ET#94% (RDMK:cmRtazrFrsnidR2dP/czVg/zKQcl)
Ad-Aware	Gen:Variant.Ransom.CryptXXX.1
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Crypt.XPACK.Gen3
McAfee-GW-Edition	BehavesLike.Win32.Generic.cm
Emsisoft	Gen:Variant.Ransom.CryptXXX.1 (B)
Ikarus	Packer.Win32.Krap
Jiangmin	Trojan.Generic.brwmb
Avira	TR/Crypt.XPACK.Gen3
Antiy-AVL	Trojan/Win32.AGeneric
Microsoft	Ransom:Win32/Tovicrypt.A
Arcabit	Trojan.Ransom.CryptXXX.1
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Variant.Ransom.CryptXXX.1
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C4351323
Acronis	suspicious
VBA32	BScope.Trojan.Bagsu
ALYac	Gen:Variant.Ransom.CryptXXX.1
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.3156691918
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Kryptik.HGEN
Yandex	Trojan.GenAsa!fV4lYBUPwBQ
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Kryptik.FNZR!tr
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.3156691918?

Malware.AI.3156691918 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X