What is “Malware.AI.4205984725”?

The Malware.AI.4205984725 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4205984725 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.4205984725?


File Info:
name: E6157D917320EB4476A7.mlw
path: /opt/CAPEv2/storage/binaries/a37896fccba2d433f0dd87b820cec6181c9884a26d50ae654ff156e95bc3573f
crc32: 09F1E6CC
md5: e6157d917320eb4476a787e49e67cf6e
sha1: 3a6b411d81ae71d041dc85005b305a8c29426cf0
sha256: a37896fccba2d433f0dd87b820cec6181c9884a26d50ae654ff156e95bc3573f
sha512: de9a2b8b90b2c9839b484fad90021de099f30ba4e9f33cf3e911746d38aad37a4416793dad1d9aa0a794f1d0babc5fd18633c865e8e57b0b623f7f8ec170ad6f
ssdeep: 3072:WqthvXjfXrXAZSXAZfo/TfxWasVEVr/o7L5R30HDWr24D:XthvXjfXRTeWr/2L33wDWrPD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4B4AC69FF60ED6AC890127AEFE2882D97926CB76730392C5B4F703957BA3513011D4E
sha3_384: 3314551ff267d041d0e4aac5cf4af3fc3837254e186234e9d6a7ff0b2d637c2e541f5ed68edac2625532817e570635fd
ep_bytes: 60be15c096008dbeeb4fedff57eb0b90
timestamp: 2019-01-14 19:24:52

Version Info:
CompanyName: Reason Software Company Inc.
FileDescription: Reason Antivirus Installer
FileVersion: 1.0.0.1
LegalCopyright: Copyright Reason Software Company Inc.
ProductName: Reason Antivirus
ProductVersion: 1.0.0.1
Translation: 0x0409 0x04b0

Malware.AI.4205984725 also known as:

Elastic	malicious (moderate confidence)
FireEye	Generic.mg.e6157d917320eb44
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Cynet	Malicious (score: 100)
Sophos	Generic ML PUA (PUA)
Antiy-AVL	Trojan/Generic.ASMalwS.82BA
Microsoft	Trojan:Win32/Wacatac.B!ml
BitDefenderTheta	Gen:NN.ZexaF.34754.Fm0@aq59dZbi
Malwarebytes	Malware.AI.4205984725
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/ULPM.16C0!tr

How to remove Malware.AI.4205984725?

Malware.AI.4205984725 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X