Malware.AI.4124390375 (file analysis)

The Malware.AI.4124390375 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4124390375 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.4124390375?


File Info:
name: 8FE4E916B0E0C9974131.mlw
path: /opt/CAPEv2/storage/binaries/e477f68d30a8aeff22de1b6778863f4d8f817e6a05b520a5db82c9e7deb63882
crc32: B2DAFA12
md5: 8fe4e916b0e0c997413121d0609f3a4d
sha1: ab00f9d89c9e6a18abe48dd5c30115c80d9da2f2
sha256: e477f68d30a8aeff22de1b6778863f4d8f817e6a05b520a5db82c9e7deb63882
sha512: 7c281f2edcd5c877a540605a867286938462a6dd62f37f29a9ab2213c6b53a63722b1258f9ee844bba1dfd85de53259be3cb63a441c3978ea5db39c4751b1bf5
ssdeep: 98304:eRh7thP0FVswUuTguiLOrUGKT8BcKuHn59LZKNZbbbMnfnfRoO8:+tthPKVswUuTguiLOrUGKT8BcKuHnnZ6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17D464B206A910CEBE47307FA256C00D014DE2F792F548CEB993CBB95A97449EF42677E
sha3_384: 46328efef0c57d9403b4e1aaf3327d9bb479a42904aaad556c13559c9dd3f14ef42b29f987e04ffb1a8ffe459dc65eda
ep_bytes: e84a090000e936fdffff538a5c2408f6
timestamp: 2023-03-01 03:09:18

Version Info:
CompanyName: AOMEI  Technology Co., Ltd.
FileDescription: Disk Defrag
FileVersion: 1.2.0
InternalName: Defrag.exe
LegalCopyright: Copytight (C) AOMEI International Network Limited
OriginalFilename: Defrag.exe
ProductName: AOMEI Partition Assistant
ProductVersion: 1.2.0
Translation: 0x0409 0x04e4

Malware.AI.4124390375 also known as:

MicroWorld-eScan	Win32.Expiro.Gen.7
FireEye	Win32.Expiro.Gen.7
CAT-QuickHeal	W32.Expiro.R3
ALYac	Win32.Expiro.Gen.7
VIPRE	Win32.Expiro.Gen.7
K7AntiVirus	Virus ( 00594aea1 )
K7GW	Virus ( 00594aea1 )
Cyren	W32/Expiro.AU.gen!Eldorado
Symantec	W32.Xpiro.J!dam
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of Win32/Expiro.NDX
Kaspersky	Virus.Win32.Moiva.a
BitDefender	Win32.Expiro.Gen.7
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	Win32:Dh-A [Heur]
Tencent	Virus.Win32.VirMoiva.a
TACHYON	Virus/W32.Movia
Sophos	W32/Moiva-A
F-Secure	Malware.W32/Infector.Gen
DrWeb	Win32.Expiro.158
TrendMicro	Virus.Win32.EXPIRO.JMA
McAfee-GW-Edition	Artemis
Emsisoft	Win32.Expiro.Gen.7 (B)
Ikarus	Virus.Win64.Expiro
GData	Win32.Expiro.Gen.7
Avira	W32/Infector.Gen
Antiy-AVL	Virus/Win32.Expiro.x
Arcabit	Win32.Expiro.Gen.7
ZoneAlarm	Virus.Win32.Moiva.a
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Virus/Win.Expiro.X2164
McAfee	Artemis!8FE4E916B0E0
MAX	malware (ai score=86)
VBA32	BScope.Trojan.Convagent
Malwarebytes	Malware.AI.4124390375
Panda	W32/Moyv.A
Fortinet	W32/Expiro.NDP!tr
AVG	Win32:Dh-A [Heur]
CrowdStrike	win/malicious_confidence_60% (D)

How to remove Malware.AI.4124390375?

Malware.AI.4124390375 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X