Malware.AI.4113893319 (file analysis)

The Malware.AI.4113893319 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4113893319 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.4113893319?


File Info:
name: 12A3FAE11413A83F48C2.mlw
path: /opt/CAPEv2/storage/binaries/768e7ada19c957e314d56df551f73a923fcd6e96a9b7607b758ee842f53c7f14
crc32: 531F27B0
md5: 12a3fae11413a83f48c26fe9416205b6
sha1: 9fdc1692a45684613458861f488902edf6d13773
sha256: 768e7ada19c957e314d56df551f73a923fcd6e96a9b7607b758ee842f53c7f14
sha512: 32fc80f6cfdcce34788b098dfb499aed0faa2b46403a6262d43870ae2f133e5ad2b83ae0437d33902e928b0940a79ed5d1e0ff6626e53a4b121696a66c42fbe9
ssdeep: 49152:bh+ZkldoPK8YaQZBHvT2RnUyvHdGFCRZZOF:E2cPK8B7dGoO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14385EF1273E5D032FFAB92739B6AB20696BD79250133852F13981DB9BC705B1177E223
sha3_384: 3e9fe43c751bbeb25ad2e5bfa0ca08aaec9227bce4b52b54ad7b5f0100bec5e621b0b9d111437f33679ebd177b41fabc
ep_bytes: e8c8d00000e97ffeffffcccccccccccc
timestamp: 2021-10-11 12:11:03

Version Info:
Translation: 0x0809 0x04b0

Malware.AI.4113893319 also known as:

Lionic	Trojan.Win32.Nymeria.4!c
MicroWorld-eScan	AIT:Trojan.Nymeria.5146
FireEye	Generic.mg.12a3fae11413a83f
Skyhigh	BehavesLike.Win32.Generic.tc
ALYac	AIT:Trojan.Nymeria.5146
Cylance	unsafe
Sangfor	Trojan.Win32.Agent.Vtw7
CrowdStrike	win/malicious_confidence_70% (W)
Elastic	malicious (high confidence)
APEX	Malicious
McAfee	Artemis!12A3FAE11413
BitDefender	AIT:Trojan.Nymeria.5146
Emsisoft	AIT:Trojan.Nymeria.5146 (B)
VIPRE	AIT:Trojan.Nymeria.5146
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
GData	AIT:Trojan.Nymeria.5146 (2x)
Kingsoft	malware.kb.a.975
Arcabit	AIT:Trojan.Nymeria.D141A [many]
MAX	malware (ai score=87)
VBA32	Trojan.Autoit.Injcrypt
Malwarebytes	Malware.AI.4113893319
TrendMicro-HouseCall	TROJ_GEN.R002H09AP24
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
Cybereason	malicious.11413a

How to remove Malware.AI.4113893319?

Malware.AI.4113893319 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X