How to remove “Malware.AI.4028384514”?

The Malware.AI.4028384514 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4028384514 virus can do?

Reads data out of its own binary image
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Malware.AI.4028384514?


File Info:
name: 67CF16BAF0D0CB48B627.mlw
path: /opt/CAPEv2/storage/binaries/af21deb99fe09c5ffd294804835de9368bac516e79d0b03dabe91467e9e301fb
crc32: 6FF18730
md5: 67cf16baf0d0cb48b62728cf3387f76c
sha1: 90012571edc3c7fc8112a42811d7090ccb3d0a06
sha256: af21deb99fe09c5ffd294804835de9368bac516e79d0b03dabe91467e9e301fb
sha512: 6bb60a544a67296379b3ec3f41500e6b98e2e90a85ebab89e487aa7d357264f6bf49b06f9c785345fab8fcd324e216e2575151e49fc0b45c20e44e7a9048d382
ssdeep: 49152:NlzpbsqJeIL+jrmHcmJtyqdJAPM/Hi/mY5n9813AxMu9EFcjRd+iweJ0qmVCJAJK:NlzpAqNNhJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10706B81039EF207AE393551C97D4BA6DD41BE2735A0A6FFE10A63A4ECA52D83CCD1721
sha3_384: f616f2fe07c0fabbf6d2bb0c1712ff551d833c4be489776145490b5ea904c27ee79cf4f19be98430b20790d696b670ee
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-07-24 14:33:05

Version Info:
Translation: 0x0000 0x04b0
Comments: test2
CompanyName: test2
FileDescription: test2
FileVersion: 1.0.0.0
InternalName: test.exe
LegalCopyright: test2
LegalTrademarks: test2
OriginalFilename: test.exe
ProductName: test2
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4028384514 also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.Multi.Generic.4!c
AVG	MSIL:GenMalicious-ARE [Trj]
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Variant.Lazy.176691
FireEye	Generic.mg.67cf16baf0d0cb48
McAfee	GenericRXKZ-XS!67CF16BAF0D0
Cylance	unsafe
Zillya	Trojan.Injector.Win32.631118
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0055e39a1 )
Alibaba	Trojan:MSIL/Injector.3da56442
K7GW	Trojan ( 0055e39a1 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Injector.LQA
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Lazy.176691
Avast	MSIL:GenMalicious-ARE [Trj]
Sophos	ML/PE-A
VIPRE	Gen:Variant.Lazy.176691
McAfee-GW-Edition	BehavesLike.Win32.Generic.wh
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Lazy.176691 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Lazy.176691
Avira	HEUR/AGEN.1234900
MAX	malware (ai score=100)
Arcabit	Trojan.Lazy.D2B233
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZemsilF.36308.Kp0@aikGQ5c
ALYac	Gen:Variant.Lazy.176691
Malwarebytes	Malware.AI.4028384514
Rising	Malware.Obfus/MSIL@AI.90 (RDM.MSIL2:ah6+Ievtn08nl1us2Knueg)
Yandex	Trojan.Injector!Ec869v4BuTw
Ikarus	Trojan.MSIL.Injector
Fortinet	MSIL/Injector.KZN!tr
Panda	Trj/CI.A

How to remove Malware.AI.4028384514?

Malware.AI.4028384514 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X