Malware.AI.3570268877 removal tips

The Malware.AI.3570268877 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3570268877 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3570268877?


File Info:
name: 24F39988C330ACBAE7F0.mlw
path: /opt/CAPEv2/storage/binaries/c39ddbdbae61bb8d056d6b7dc35e44dee6552c32f23f669ccc9ed7e7f998c82e
crc32: 182F474E
md5: 24f39988c330acbae7f03b1fd071f513
sha1: 9ac3e0e0382e7542278fb87d1a892aa5cf794e64
sha256: c39ddbdbae61bb8d056d6b7dc35e44dee6552c32f23f669ccc9ed7e7f998c82e
sha512: a56094492ed2f411df0d2799c22001aabcf6b5fcafd827c515ec115db8e95cea9a2a7169f5a797121145ef07bd33c8aefd85c15c8c1de729c4c3fd98b064d620
ssdeep: 12288:sWVOopQZ1u0wyoWR/GZBnkJL63hGFOhZM3/QRqKFQJiyH8RI0/4XY0T:sBZ1u07oWR+vnkJL2hGgu/QVWCITT
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T111D42359B5FD4398DE95593149A850F0B8F80D57B268C0AFB31337AB84389EECD3281B
sha3_384: ba1751aed0f4c846aa7379125ec7159cf582640545568763aa54cd24c985e352650433a3bbbdc02eba5954d0fe45acf3
ep_bytes: e870080000e9b3fdffff8bff558bec81
timestamp: 2019-12-11 10:32:42

Version Info:
Comments: Java Access Bridge
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2410.7
Full Version: 1.8.0_241-b07
InternalName: jabswitch
LegalCopyright: Copyright © 2019
OriginalFilename: jabswitch.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2410.7
Translation: 0x0409 0x04b0

Malware.AI.3570268877 also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
FireEye	Generic.mg.24f39988c330acba
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058ca311 )
Alibaba	Trojan:Win32/Vitro.8599b6e3
K7GW	Trojan ( 0058ca311 )
Cybereason	malicious.0382e7
Cyren	W32/Expiro.AU.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GenKryptik.FPMV
APEX	Malicious
Avast	Win32:Vitro [Inf]
Kaspersky	HEUR:Trojan.Win32.Waldek.gen
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Tencent	Win32.Trojan.Waldek.Htcl
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Expiro.hc
GData	Win32.Trojan.Agent.IZRCN9
Avira	TR/Patched.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	Artemis!24F39988C330
VBA32	BScope.Trojan.Convagent
Malwarebytes	Malware.AI.3570268877
TrendMicro-HouseCall	TROJ_GEN.R002H0CA522
Rising	Virus.Expiro!8.375 (CLOUD)
Yandex	Trojan.Agent_AGen!Z3wMSkXH9iE
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Expiro.NDO!tr
AVG	Win32:Vitro [Inf]
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Malware.AI.3570268877?

Malware.AI.3570268877 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X