Malware.AI.4043050160 removal guide

The Malware.AI.4043050160 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4043050160 virus can do?

Unconventionial language used in binary resources: Korean
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.4043050160?


File Info:
name: 141EB323F288FDBD6DA2.mlw
path: /opt/CAPEv2/storage/binaries/e5a6916d3b89923919c5f3a45b061c147452b032f9f3e87d625f5a2b3140a1cc
crc32: 4DBAA506
md5: 141eb323f288fdbd6da2e3d5367f7167
sha1: 809adf0a0c05bb8bc252d4e0d376deb3e49d102c
sha256: e5a6916d3b89923919c5f3a45b061c147452b032f9f3e87d625f5a2b3140a1cc
sha512: ead06336ade4eb5e07fc0f20860106a17ad8555cf8a900d55c803237485ecd4ee702706f95c5689493461f131561b77be61ab48e95992963bffa7f05f42bcc4b
ssdeep: 49152:BoZrnSUHXU+2UySU89UwN+ijXAAwfokXW2SYk:BbUHXU+2UySU89UwNfbwSx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12AF53B20F212C01FEDE651F6C2FE9B7E9A20A759430528C321DC9D6A77E55F2B83590B
sha3_384: dbaa06e89570f9152f6f19add4bf842847ebdcba618744c7302f273fefc3e62e21e8ca840636088f102e3487543bf555
ep_bytes: 682d5d5e00ff15f4bc8c0c09c00f8435
timestamp: 2007-07-13 11:02:47

Version Info:
Comments: 
CompanyName: Webzen
FileDescription: GameServer
FileVersion: 1, 0, 18, 0
InternalName: GameServer
LegalCopyright: Copyright ⓒ 2006
LegalTrademarks: 
OriginalFilename: GameServer.exe
PrivateBuild: 
ProductName: GameServer
ProductVersion: 1, 0, 18, 0
SpecialBuild: 
Translation: 0x0412 0x04b0

Malware.AI.4043050160 also known as:

Lionic	Trojan.Win32.Generic.4!c
FireEye	Generic.mg.141eb323f288fdbd
Malwarebytes	Malware.AI.4043050160
Sangfor	Trojan.Win32.Wacatac.C
Alibaba	Trojan:Win32/Generic.c991f683
Cybereason	malicious.a0c05b
VirIT	Trojan.Win32.KillFiles.BKHJ
Cyren	W32/S-61641431!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.Juched.fgirhn
Avast	FileRepMalware
Tencent	Malware.Win32.Gencirc.10bcbbc2
Comodo	TrojWare.Win32.Downloader.Agent.edzx@4uae14
DrWeb	Trojan.KillFiles.28620
VIPRE	Trojan-Downloader.Win32.Agent
McAfee-GW-Edition	GenericRXES-ND!141EB323F288
Ikarus	Trojan-Dropper.Agent
Jiangmin	TrojanDownloader.Agent.csej
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Ymacco.AA50
Cynet	Malicious (score: 100)
McAfee	GenericRXES-ND!141EB323F288
VBA32	Trojan.KillFiles
Rising	Trojan.Generic!8.C3 (CLOUD)
Yandex	Trojan.GenAsa!wxf9k/ydtsA
Fortinet	W32/Generic.ND!tr
BitDefenderTheta	Gen:NN.ZexaF.34182.yB1@auPyodpO
AVG	FileRepMalware
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Malware.AI.4043050160?

Malware.AI.4043050160 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X