How to remove “Malware.AI.3906867217”?

The Malware.AI.3906867217 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3906867217 virus can do?

Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3906867217?


File Info:
name: 53D2B357E13950B55C58.mlw
path: /opt/CAPEv2/storage/binaries/34514355f2eb75709a0ff2f2d0d6f9c8eaad955b1c7d3b4b297d39adfa2f7926
crc32: 87337F14
md5: 53d2b357e13950b55c586a2802f2b81f
sha1: 3c6f5b0e4bc978046c6ac9bf5bacd4c55531ac90
sha256: 34514355f2eb75709a0ff2f2d0d6f9c8eaad955b1c7d3b4b297d39adfa2f7926
sha512: e45d5b75a82f11dba987b9e8053a4c61de342a89dea238ddadbcc4876f57e5567c82139df00e795225948cc3d0239f5555d25ff5777651facbba96a99773485a
ssdeep: 3072:g5iBVfJnAI8gVQnVOxbIpjL2jDVZDU17Zn8HrAS0eRyAP8OjfyNxZus:gIfJnAIR54ee58HrASzcOWNX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T152B42A386A50E657C178CBF2D851CD8723DCD9CD0552BB0268DDEA3C2DE1ACEE09965C
sha3_384: 169a4d4a4a39e06f3f5388e600040e0591d10e25488b3fa7b615130717ee8ccddf9890db073924b6ab9e9cefab8e966c
ep_bytes: ff250020400000000000000000000000
timestamp: 2046-01-04 21:49:17

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Moon Config
FileVersion: 1.0.0.0
InternalName: Moon Config.exe
LegalCopyright: Copyright ©  2020
LegalTrademarks: 
OriginalFilename: Moon Config.exe
ProductName: Moon Config
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3906867217 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.GenericML.4!c
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Variant.Bulz.579879
Skyhigh	Artemis!Trojan
McAfee	Artemis!53D2B357E139
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.a
Alibaba	Trojan:Win32/Agenttesla.b6c5ec3e
Cybereason	malicious.e4bc97
Arcabit	Trojan.Bulz.D8D927
BitDefenderTheta	Gen:NN.ZemsilF.36680.Gm0@aKfIe3b
VirIT	Trojan.Win32.MSIL_Heur.A
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Generik.NQJNOSD
Cynet	Malicious (score: 99)
APEX	Malicious
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
BitDefender	Gen:Variant.Bulz.579879
Emsisoft	Gen:Variant.Bulz.579879 (B)
F-Secure	Trojan.TR/ATRAPS.Gen
TrendMicro	TROJ_GEN.R002C0GAB24
Sophos	Mal/Generic-S
Ikarus	Trojan.Agent
Varist	W32/AgentTesla.ISXA-4160
Avira	TR/ATRAPS.Gen
Antiy-AVL	Trojan/Win32.SGeneric
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	UDS:Trojan.Multi.GenericML.xnet
GData	Gen:Variant.Bulz.579879
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C4594320
VBA32	TScope.Trojan.MSIL
ALYac	Gen:Variant.Bulz.579879
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.3906867217
TrendMicro-HouseCall	TROJ_GEN.R002C0GAB24
Tencent	Malware.Win32.Gencirc.13f8fa76
Yandex	Trojan.ATRAPS!ctLG9AKsdbA
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.1728101.susgen
Fortinet	PossibleThreat.PALLAS.H
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3906867217?

Malware.AI.3906867217 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X