Malware.AI.4042673330 removal guide

The Malware.AI.4042673330 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4042673330 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics
Anomalous binary characteristics

How to determine Malware.AI.4042673330?


File Info:
name: 5351C787DC4415FD2601.mlw
path: /opt/CAPEv2/storage/binaries/fc62bf9baeb5f89b85daef9b6ea3e59cf68d23e04e3e0144e32aaec7e6f23bf2
crc32: 8E8B8A80
md5: 5351c787dc4415fd2601700b585a3d47
sha1: d1490c6c0dc07bdbc8239477ca8ec3e3a9d134fa
sha256: fc62bf9baeb5f89b85daef9b6ea3e59cf68d23e04e3e0144e32aaec7e6f23bf2
sha512: f616acf45cd6f9c275ddf64fdb2d8e4ff32ee414ce7c02c21ffb8783589e6b7c1b6338b28633e2f1b0a918b2135ba850905e9e43a3efb8767429dbeda080fec8
ssdeep: 49152:bZE5KaoRQODiR51m2FUPLLFs/sjQ1T3YZLO6ZfBk17N:bW5KTm5U2OPnYsjOaLLk1
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1439533AC3F7B6DDCE7D898761A8152E44482DE87FBC8447AF1430B4CF81CEA9E426165
sha3_384: 3763efc298fe1e718e9ade76031b398fcfcac50dbe75b626a2251f3450e602094ccc6bd55aa22d7b05bf13b33324c52b
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-11-22 14:20:46

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: rez.exe
LegalCopyright:  
OriginalFilename: rez.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.4042673330 also known as:

Lionic	Trojan.MSIL.Miner.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDropNET.46
MicroWorld-eScan	Trojan.GenericKD.38098848
FireEye	Generic.mg.5351c787dc4415fd
ALYac	Trojan.GenericKD.38098848
Cylance	Unsafe
Zillya	Dropper.Agent.Win32.467031
K7AntiVirus	Trojan ( 0057f9ce1 )
Alibaba	Malware:Win32/Dorpal.ali1000029
K7GW	Trojan ( 0057f9ce1 )
CrowdStrike	win/malicious_confidence_60% (W)
Cyren	W64/MSIL_Troj.BCG.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FGN
TrendMicro-HouseCall	TROJ_GEN.R002C0DKN21
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Miner.gen
BitDefender	Trojan.GenericKD.38098848
Avast	Win64:CoinminerX-gen [Trj]
Tencent	Msil.Trojan.Miner.Sttx
Ad-Aware	Trojan.GenericKD.38098848
Emsisoft	Trojan.GenericKD.38098848 (B)
Comodo	fls.noname@0
TrendMicro	TROJ_GEN.R002C0DKN21
McAfee-GW-Edition	BehavesLike.Win64.Generic.tc
Sophos	Mal/Generic-S
Ikarus	Trojan-Dropper.MSIL.Agent
GData	Trojan.GenericKD.38098848
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1203865
Gridinsoft	Ransom.Win64.Gen.sa
Microsoft	Trojan:MSIL/AgentTesla.CHH!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4564444
McAfee	AgentTesla-FDCZ!5351C787DC44
MAX	malware (ai score=100)
VBA32	Trojan.MSIL.Miner
Malwarebytes	Malware.AI.4042673330
APEX	Malicious
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/Agent.FGN!tr
AVG	Win64:CoinminerX-gen [Trj]
Cybereason	malicious.c0dc07
Panda	Trj/CI.A

How to remove Malware.AI.4042673330?

Malware.AI.4042673330 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X