Malware.AI.4113093004 removal guide

The Malware.AI.4113093004 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4113093004 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Behavioural detection: Executable code extraction – unpacking
At least one process apparently crashed during execution
Creates RWX memory
Authenticode signature is invalid

How to determine Malware.AI.4113093004?


File Info:
name: 397BAE6A47973B426333.mlw
path: /opt/CAPEv2/storage/binaries/b4f57b97439bd768541c1ef778cf9d7503e8a6ab123450cc57355fc40fb2e60f
crc32: 191DBE67
md5: 397bae6a47973b4263334833dc6b0554
sha1: c88d0a189ecceb3c82cfb53bf7cfa64be63369aa
sha256: b4f57b97439bd768541c1ef778cf9d7503e8a6ab123450cc57355fc40fb2e60f
sha512: 07d94a35a8e4ebb65893e083678782aff2b71d608732ad177c5c505bcef45f6262815670c1a418ee3501869326a2a2b75b35ddf35b7f873f43d2bcf2e13b8446
ssdeep: 768:X43DT59D644V3YyvdzARl8Nk3XH3xDCiupDPJRIzAGKr1Vc5z:XO64kYrRfH3wrDPcArs5z
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1F1337D223941D036C00550754876C2B1AE7F793217F5D983BB990BBECF723E9A63A389
sha3_384: 687985fc1d9227d1b6f7a50c24d772a215b35a798e6e7f0cc2f1a92beeb46503527bde6de70a9b0a509bd64bddfc8f03
ep_bytes: e806300000e9a4feffff558bec83ec08
timestamp: 2015-09-21 05:05:22

Version Info:
0: [No Data]

Malware.AI.4113093004 also known as:

MicroWorld-eScan	Exploit.CVE-2008-1084.A
McAfee	GenericRXAA-AA!397BAE6A4797
Cylance	Unsafe
Sangfor	Exploit.Win32.CVE-2008-1084.gen
Alibaba	Exploit:Win32/CVE-2008-1084.27be51d9
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	Trojan.Maljava
Kaspersky	HEUR:Exploit.Win32.CVE-2008-1084.gen
BitDefender	Exploit.CVE-2008-1084.A
Tencent	Malware.Win32.Gencirc.1130b482
Ad-Aware	Exploit.CVE-2008-1084.A
Emsisoft	Exploit.CVE-2008-1084.A (B)
Zillya	Exploit.CVE.Win32.2449
TrendMicro	TROJ_GEN.R002C0PHO21
McAfee-GW-Edition	Artemis!Trojan
FireEye	Exploit.CVE-2008-1084.A
Sophos	Mal/Generic-S
Ikarus	Exploit.CVE-2008-1084
GData	Exploit.CVE-2008-1084.A
Jiangmin	Exploit.CVE-2008-1084.a
Webroot	W32.Trojan.Gen
Avira	EXP/CVE-2008-1084.inpfo
MAX	malware (ai score=86)
Arcabit	Exploit.CVE-2008-1084.A
Microsoft	Trojan:Win32/Occamy.AA
VBA32	BScope.Exploit.CVE-2008-1084
ALYac	Exploit.CVE-2008-1084.A
Malwarebytes	Malware.AI.4113093004
TrendMicro-HouseCall	TROJ_GEN.R002C0PHO21
Rising	Exploit.CVE-2008-1084!8.F429 (CLOUD)
MaxSecure	Trojan.Malware.11791027.susgen
Fortinet	W32/CVE_2008_1084!exploit
Cybereason	malicious.a47973

How to remove Malware.AI.4113093004?

Malware.AI.4113093004 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X