Malware

Malware.AI.3523483394 removal guide

Malware Removal

The Malware.AI.3523483394 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Malware.AI.3523483394 virus can do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Malware.AI.3523483394?


File Info:

name: 067B7D444A14FC240E0A.mlw
path: /opt/CAPEv2/storage/binaries/57000d8e440e904112fca7bd7e705808abdbfa84139eb988e00c1232336e272e
crc32: C21A6292
md5: 067b7d444a14fc240e0a6a492b8a48f9
sha1: d286ab4ea2cee714c7b6665715435fcc0e004bac
sha256: 57000d8e440e904112fca7bd7e705808abdbfa84139eb988e00c1232336e272e
sha512: 04b408fd581744d32ed7dbf9a97387c970978f0bef9f45497449e0ef4b9987166e6ca9e0b8314ca10a3bd0e5323d14f0cdf59643c1d8c4d6bd0c5fa81e80d376
ssdeep: 12288:PXxKeF8alixynNpQ6UdOL3p731MvVUU99VZCs8CVzpbm5lzdB+8:fxKO8ali0NpQ6BL1MvVbVZCY4zdB
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T196D46CE741069407E4F776B81F1BDE1AC79899C3321893891188DCC3B6D1F6FB4A8E66
sha3_384: cf7fb3e0a1ff19c90d7269c9b019509384976ebdf46ce261f3d523a2a5e13cb70587dd86e29e323e93b032515aec1b8d
ep_bytes: 90554889e55648ffce57415441554156
timestamp: 2008-11-08 16:22:40

Version Info:

CompanyName: Microsoft Corporation
FileDescription: SNMP Trap
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: snmptrap.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: snmptrap.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Malware.AI.3523483394 also known as:

Elasticmalicious (high confidence)
DrWebWin64.Expiro.108
MicroWorld-eScanWin64.Expiro.Gen.3
FireEyeGeneric.mg.067b7d444a14fc24
McAfeeW64/Expiro.a
CylanceUnsafe
ZillyaVirus.Expiro.Win64.34
CrowdStrikewin/malicious_confidence_100% (D)
K7GWVirus ( 0040f8071 )
K7AntiVirusVirus ( 0040f8071 )
CyrenW64/Expiro.D!gen
SymantecW64.Xpiro.F
ESET-NOD32Win64/Expiro.AG
TrendMicro-HouseCallPE64_EXPIRO.AR
AvastWin32:Expiro-DD
KasperskyVirus.Win64.Expiro.g
BitDefenderWin64.Expiro.Gen.3
NANO-AntivirusVirus.Win64.Expiro.dtfhve
TencentVirus.Win64.Expiro.ad
Ad-AwareWin64.Expiro.Gen.3
TACHYONVirus/W64.Expiro.C
EmsisoftWin64.Expiro.Gen.3 (B)
BaiduWin64.Virus.Expiro.r
VIPREVirus.Win64.Expiro.gen.a (v)
TrendMicroPE64_EXPIRO.AR
McAfee-GW-EditionBehavesLike.Win64.Virut.hc
SophosML/PE-A + W64/Expiro-S
GDataWin64.Expiro.Gen.3
AviraW64/Expiro.AF
Antiy-AVLTrojan/Generic.ASVirus.311
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 100)
AhnLab-V3Win64/Expiro2.Gen
Acronissuspicious
ALYacWin64.Expiro.Gen.3
MAXmalware (ai score=84)
MalwarebytesMalware.AI.3523483394
APEXMalicious
RisingVirus.Expiro!1.A140 (CLASSIC)
SentinelOneStatic AI – Malicious PE
FortinetW64/Expiro.Q
AVGWin32:Expiro-DD
PandaW32/Expiro.gen

How to remove Malware.AI.3523483394?

Malware.AI.3523483394 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment