Malware.AI.3646749662 (file analysis)

The Malware.AI.3646749662 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3646749662 virus can do?

Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3646749662?


File Info:
name: 68119EBC38F898BE0E7B.mlw
path: /opt/CAPEv2/storage/binaries/1224178fec01e7428dd5ce6feaf9c5dd99f4ff04a7d8fc55519f412b0cc7da48
crc32: AB0FA5FE
md5: 68119ebc38f898be0e7ba21f2d3f53cc
sha1: 4bdc6fc56a63191d1ce1fabc13499feebc1ae464
sha256: 1224178fec01e7428dd5ce6feaf9c5dd99f4ff04a7d8fc55519f412b0cc7da48
sha512: 1222dd9c4df2ab56b238e59f313d3c53e8bbb7c3583d26650bffbbaf6c32a2299efc375ce28d4ae7ac85bb07f4b62466ef352d6584307c774de97026464b9910
ssdeep: 768:XEIEFZ0+5TnW5MGvb6TNpC6CBdfd5s4i:0I4Z0+5TnW5MGvb6TNpEndq4i
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F3B2C60873F46E25E1BD8AB65EF0900403B7B557C562E60F0E4B644E09B37A8DE61FA7
sha3_384: a8bdca34bc8edcda67dfa9e52dbf6dc1470e6b19bba04021b70ad3c66a812b71972c14db704f5a1e760331c5c9b3c4ea
ep_bytes: ff250020400000000000000000000000
timestamp: 2075-01-21 06:23:35

Version Info:
Translation: 0x0000 0x04b0
Comments: Хост-процесс для задач Windows
CompanyName: 
FileDescription: Хост-процесс для задач Windows
FileVersion: 10.0.19041.906
InternalName: taskhostw.exe
LegalCopyright: © Корпорация Майкрософт Вселенная
LegalTrademarks: 
OriginalFilename: taskhostw.exe
ProductName: Операционная система Microsoft
ProductVersion: 10.0.19041.906
Assembly Version: 10.0.19041.906

Malware.AI.3646749662 also known as:

Lionic	Trojan.Multi.GenericML.4!c
MicroWorld-eScan	Trojan.GenericKD.38874115
FireEye	Generic.mg.68119ebc38f898be
ALYac	Trojan.GenericKD.38874115
Malwarebytes	Malware.AI.3646749662
Zillya	Trojan.Agent.Win32.2618876
Sangfor	Trojan.Win32.Wacatac.B
K7AntiVirus	Trojan ( 0058e7651 )
Alibaba	Trojan:MSIL/Generic.c076a470
K7GW	Trojan ( 0058e7651 )
Cybereason	malicious.c38f89
BitDefenderTheta	Gen:NN.ZemsilF.34212.bm0@au3XSxg
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	MSIL/Agent.DRW
APEX	Malicious
BitDefender	Trojan.GenericKD.38874115
Avast	Win32:TrojanX-gen [Trj]
Tencent	Win32.Trojan.Ursu.Wncj
Ad-Aware	Trojan.GenericKD.38874115
Emsisoft	Trojan.GenericKD.38874115 (B)
TrendMicro	TROJ_GEN.R002C0PA722
McAfee-GW-Edition	RDN/Generic.rp
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Agent
GData	Trojan.GenericKD.38874115
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1203743
Antiy-AVL	Trojan/Generic.ASMalwS.34FF2AE
Arcabit	Trojan.Generic.D2512C03
Microsoft	Trojan:Win32/Tiggre!rfn
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4928524
McAfee	RDN/Generic.rp
MAX	malware (ai score=84)
VBA32	TScope.Trojan.MSIL
Cylance	Unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0PA722
SentinelOne	Static AI – Malicious PE
Fortinet	PossibleThreat
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)
MaxSecure	Trojan.Malware.139759814.susgen

How to remove Malware.AI.3646749662?

Malware.AI.3646749662 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X