About “Malware.AI.4204428690” infection

The Malware.AI.4204428690 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4204428690 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.4204428690?


File Info:
name: 135D1017358C9C7D6234.mlw
path: /opt/CAPEv2/storage/binaries/6560037341472c6d1ccf0313fd5d01fdad19bfa10c830762fb586ac223b2f146
crc32: 09587993
md5: 135d1017358c9c7d623421c766f30b6c
sha1: 1e66302ebd92b5082747146492b21b704421d519
sha256: 6560037341472c6d1ccf0313fd5d01fdad19bfa10c830762fb586ac223b2f146
sha512: 0677dab928b4e0f2751ec050ab7f97a271e110ea696f408a767b91e200fb890be2b036194611bc4618b81e750f7131bc9182e8b9b7f4dd2beec694856ccc6079
ssdeep: 24576:qGAl9h70ruglD+UTfM6wSMWIFXolgEXIbVqPsUArjZqcFelA0RlZhEq9mNluawND:cr0rugjfM60WIKlx4TvgFA0h3mNluPD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B185F1153ED1E476C1B232B18AE7D379B9B5AC305D36460B37D12B3D1E348829B2A736
sha3_384: 28efb0dfcd9919ca438912e5688112edbfe9e0a11ee7ef03acdfb154bf51e45e22e45450af892bfaef4049fcc1029041
ep_bytes: e872b40000e978feffff6a106878d147
timestamp: 2022-07-25 10:01:02

Version Info:
CompanyName: 360.cn
FileDescription: 360?? ??????
FileVersion: 5, 0, 0, 5061
InternalName: Win32FuncLoader.exe
LegalCopyright: (C)360.cn All Rights Reserved.
OriginalFilename: Win32FuncLoader.exe
ProductName: 360??
ProductVersion: 5, 0, 0, 5061
Translation: 0x0409 0x04b0

Malware.AI.4204428690 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Lotok.m!c
MicroWorld-eScan	Gen:Variant.Lazy.241025
FireEye	Gen:Variant.Lazy.241025
ALYac	Gen:Variant.Lazy.241025
Cylance	Unsafe
VIPRE	Gen:Variant.Lazy.241025
K7AntiVirus	Trojan ( 005986241 )
BitDefender	Gen:Variant.Lazy.241025
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of Win32/GenKryptik.FZSH
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Backdoor.Win32.Lotok.izw
Alibaba	Trojan:Win32/GenKryptik.8beecfaf
Cynet	Malicious (score: 99)
Rising	Trojan.Generic@AI.82 (RDML:j8qoGKkCsod9GU6G4StlUw)
Ad-Aware	Gen:Variant.Lazy.241025
Sophos	Mal/Generic-S
McAfee-GW-Edition	Artemis!Trojan
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Lazy.241025 (B)
Avira	TR/Kryptik.ffcfz
Antiy-AVL	Trojan/Generic.ASMalwS.5123
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Lazy.241025
AhnLab-V3	Trojan/Win.Generic.C5239969
McAfee	Artemis!135D1017358C
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.4204428690
TrendMicro-HouseCall	TROJ_GEN.R002H0CIJ22
Tencent	Win32.Backdoor.Lotok.Rgil
Fortinet	W32/PossibleThreat
AVG	Win32:MalwareX-gen [Trj]
Avast	Win32:MalwareX-gen [Trj]

How to remove Malware.AI.4204428690?

Malware.AI.4204428690 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X