About “Malware.AI.3541709408” infection

The Malware.AI.3541709408 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3541709408 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3541709408?


File Info:
name: D53623A4FBDEA993460F.mlw
path: /opt/CAPEv2/storage/binaries/e0837f5bca4ddbe1d925c25421c7fbb2d5110f1ba85d46e1f4ec5175cce3d458
crc32: E4936E60
md5: d53623a4fbdea993460ffe2cee2f6b03
sha1: e7dc49d8e585a9367c32d19693daf80f42a4953e
sha256: e0837f5bca4ddbe1d925c25421c7fbb2d5110f1ba85d46e1f4ec5175cce3d458
sha512: aea09aea23c69b9de6297564135ba7b9792aba2b52ce62158204cbb6aa75043a67df247ce6e18a2feebe72c362a8e8033bba348e6c3886e209d4298d90b39fe0
ssdeep: 6144:2HzSQp5Zm5FPeE48AGM/Uq5FPeE48AGM/R:k1p5I5deE48AGM/Uq5deE48AGM/R
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T139A4284B57FF0508F1B61B78DAF666A30B637C599DBCC50E018CA25D0BF7A848852B63
sha3_384: decadcb9b5d92af7fcde75cb78142679b5b96dee8e971b9d8eaa739eba5b07a5bc982e710f5deb20dfdf731f75a011a3
ep_bytes: ff250020400000000000000000000000
timestamp: 2096-09-03 20:10:50

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 掩日 - 免杀执行器生成工具
FileVersion: 1.0.0.0
InternalName: 掩日 - 免杀执行器生成工具.exe
LegalCopyright: Copyright © 1y0n.com  2020
LegalTrademarks: 
OriginalFilename: 掩日 - 免杀执行器生成工具.exe
ProductName: 掩日 - 免杀执行器生成工具
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3541709408 also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.MSIL.Alien.4!c
MicroWorld-eScan	Trojan.GenericKD.50225750
FireEye	Trojan.GenericKD.50225750
CAT-QuickHeal	Trojan.MSIL
ALYac	Trojan.GenericKD.50225750
Cylance	Unsafe
Sangfor	Trojan.MSIL.Alien.gen
Alibaba	Trojan:MSIL/Alien.80393f42
Symantec	Trojan.Gen.2
Elastic	malicious (moderate confidence)
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Alien.gen
BitDefender	Trojan.GenericKD.50225750
Avast	Win32:TrojanX-gen [Trj]
Tencent	Msil.Trojan.Alien.Wpja
Ad-Aware	Trojan.GenericKD.50225750
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0PE322
McAfee-GW-Edition	RDN/Generic.dx
Emsisoft	Trojan.GenericKD.50225750 (B)
SentinelOne	Static AI – Malicious PE
GData	Trojan.GenericKD.50225750
Avira	HEUR/AGEN.1217905
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.RL_Generic.C4133476
McAfee	RDN/Generic.dx
MAX	malware (ai score=85)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.3541709408
TrendMicro-HouseCall	TROJ_GEN.R002C0PE322
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Malware.AI.3541709408?

Malware.AI.3541709408 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X