Malware.AI.4074310878 removal guide

The Malware.AI.4074310878 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4074310878 virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.4074310878?


File Info:
name: 222BD4054E4D7BD407C7.mlw
path: /opt/CAPEv2/storage/binaries/91bfe7c4c0d54caf46dcc69a60f1f8f5795c86859f0c67e33b2486ae7c1bad83
crc32: C1A5970C
md5: 222bd4054e4d7bd407c7cbef99fccb63
sha1: 3df25315560fa9ccf872a3bcc5475f7f227e7d27
sha256: 91bfe7c4c0d54caf46dcc69a60f1f8f5795c86859f0c67e33b2486ae7c1bad83
sha512: 0f59682e5deb463ac71911873da1092cf977dec3e4f6c3373f75909f9ff27559d0de1c5ffae6014e82c0185c2e05eca8aee27d5709c8f2130d3664b18265c448
ssdeep: 12288:34K2B+Ob2a0NXI9mNPjXtEjalL/NekIlf3:oK2B+ObfSIQjXuK/NekIZ
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1B6D49DB2A20845D0CE6D32311A76FB38A43E7AA1DF505985ABD17CF718F46C0B4F85B9
sha3_384: f6c260162302b381ba065c56852854afb4c5c2acf3bd138b6b27a4318ef4a5dafb0b1c21f7ba2cbf4c1c117c41d96b12
ep_bytes: 5150528d0d18000000648b0101c801c8
timestamp: 2101-11-14 11:54:00

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Windows Command Processor
FileVersion: 10.0.19041.746 (WinBuild.160101.0800)
InternalName: cmd
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: Cmd.Exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Translation: 0x0409 0x04b0

Malware.AI.4074310878 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win32.Expiro.Gen.6
FireEye	Generic.mg.222bd4054e4d7bd4
ALYac	Win32.Expiro.Gen.6
CrowdStrike	win/malicious_confidence_70% (D)
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Expiro.NDG
APEX	Malicious
BitDefender	Win32.Expiro.Gen.6
NANO-Antivirus	Virus.Win32.Gen.ccmw
Avast	Win32:Xpirat-C [Inf]
Ad-Aware	Win32.Expiro.Gen.6
Emsisoft	Win32.Expiro.Gen.6 (B)
VIPRE	Virus.Win32.Expiro.dp (v)
McAfee-GW-Edition	Artemis
Sophos	ML/PE-A + Mal/EncPk-MK
GData	Win32.Expiro.Gen.6
Avira	TR/Patched.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	Artemis!222BD4054E4D
MAX	malware (ai score=86)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Malware.AI.4074310878
Rising	Malware.Heuristic!ET#76% (RDMK:cmRtazqSoXckmroOa4biwUGJ77OG)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Expiro.NDG
AVG	Win32:Xpirat-C [Inf]
Cybereason	malicious.54e4d7

How to remove Malware.AI.4074310878?

Malware.AI.4074310878 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X