About “Malware.AI.4204803021” infection

The Malware.AI.4204803021 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4204803021 virus can do?

CAPE extracted potentially suspicious content
.NET file is packed/obfuscated with SmartAssembly
Authenticode signature is invalid

How to determine Malware.AI.4204803021?


File Info:
name: 4EC78039E862161A3FBE.mlw
path: /opt/CAPEv2/storage/binaries/b024ca956fe468479dea6a194ecd6fe12c1a37ee4158d7f18530a9ee824688ad
crc32: 449C033D
md5: 4ec78039e862161a3fbe69dfddbe0f22
sha1: 319ec2339e1bd07d55842fffad8ccd8f2f9e0b05
sha256: b024ca956fe468479dea6a194ecd6fe12c1a37ee4158d7f18530a9ee824688ad
sha512: 7b2d190881731d24d9fc7d4862131f1ab61fdc9aec414d72388fcbe14d2d22df415b3f06a81c23d7247011b5c4bea43c1b08a82122f657aa733ef8b7ff6c95a1
ssdeep: 768:CO41q+dOcyhSk5hDJ+AK7Eh5IAFAcmSh9C:COD+krS26AHiSTC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B1135C48F7CE8723C3FE4ABF84E276110370D9A74617E74B2CC906A52E22BD74614A97
sha3_384: cd2d169d4fd1315b84c4f668f1e827a27c6f08e7a4ccf86559e10cc8406760a5cb94194ecdaee8aa7c47eeec9a17b118
ep_bytes: ff250020400000000000000000000000
timestamp: 2016-01-31 02:21:01

Version Info:
Translation: 0x0000 0x04b0
Comments: 大神码字-系统服务
CompanyName: 大神码字(作者吕涛)
FileDescription: 大神码字-系统服务
FileVersion: 1.0.0.0
InternalName: run.exe
LegalCopyright: 大神码字(shen.dnbcw.info)版权所有
LegalTrademarks: 大神码字
OriginalFilename: run.exe
ProductName: 大神码字系统服务
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4204803021 also known as:

Lionic	Trojan.Win32.Bladabindi.4!c
MicroWorld-eScan	Gen:Heur.MSIL.Bladabindi.1
FireEye	Generic.mg.4ec78039e862161a
Skyhigh	Artemis!Trojan
McAfee	Artemis!4EC78039E862
Malwarebytes	Malware.AI.4204803021
VIPRE	Gen:Heur.MSIL.Bladabindi.1
Sangfor	Trojan.Msil.Bladabindi.Vbdp
BitDefender	Gen:Heur.MSIL.Bladabindi.1
Arcabit	Trojan.MSIL.Bladabindi.1
BitDefenderTheta	Gen:NN.ZemsilF.36792.cm0@aGx!m6e
VirIT	Trojan.Win32.MSIL_Heur.A
Elastic	malicious (moderate confidence)
APEX	Malicious
Rising	Malware.Undefined!8.C (CLOUD)
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Heur.MSIL.Bladabindi.1 (B)
Ikarus	Gen.MSIL.Bladabindi
Google	Detected
Antiy-AVL	Trojan/Win32.BTSGeneric
Kingsoft	malware.kb.c.856
GData	Gen:Heur.MSIL.Bladabindi.1
AhnLab-V3	Malware/Win32.Generic.C313218
MAX	malware (ai score=99)
DeepInstinct	MALICIOUS
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09I423
Fortinet	PossibleThreat
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Malware.AI.4204803021?

Malware.AI.4204803021 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X