What is “Malware.AI.4210914860”?

The Malware.AI.4210914860 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4210914860 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.4210914860?


File Info:
name: 559231DF0EA60C1D8D3D.mlw
path: /opt/CAPEv2/storage/binaries/23a3efa53f604bc7e57cfc5f5e3e5238e638116d9dfc668827770fd2874671ce
crc32: 88BD1C00
md5: 559231df0ea60c1d8d3db2a980b0a41d
sha1: c9e979bdbb94e1cc0e228a0946f5a28c2fa554e9
sha256: 23a3efa53f604bc7e57cfc5f5e3e5238e638116d9dfc668827770fd2874671ce
sha512: ee5330fc02da9b84bc0eb902ca3030fff33e0e544a42d9e6e88a4e26f7db7b23a4cbb50745e1d5ddb040e7cfc3e9ffaf5dc3c499423bf43b38c57df4f0770562
ssdeep: 1536:nRW25SYNqbCNU/RVqhSTYeUzndic/yXsC5r2tyZvdGp2hrQRn9UH:R/xNqZ//czjTPtyZvdGp2x
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B2C3D688B2BA9F25C5789FF6C4A6550043FA654A3F71FB590C8170CF2D2FBB1861099B
sha3_384: fd858567df3fd615e4482fe7cbbfdebd5face43f3251fb56daf7b0c6b460bb1ff22e1d9411d70dbb95043374125da15f
ep_bytes: ff250020400000000000
timestamp: 2103-10-03 05:44:48

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: NiteteamApp
FileVersion: 1.0.0.0
InternalName: NiteteamApp.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: NiteteamApp.exe
ProductName: NiteteamApp
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4210914860 also known as:

Lionic	Riskware.Win32.Generic.1!c
MicroWorld-eScan	Trojan.GenericKD.38212256
FireEye	Trojan.GenericKD.38212256
ALYac	Trojan.GenericKD.38212256
Cylance	Unsafe
K7AntiVirus	Hacktool ( 0057c3df1 )
Alibaba	Trojan:MSIL/MalwareX.4f928636
K7GW	Hacktool ( 0057c3df1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/HackTool.Agent.PE
APEX	Malicious
BitDefender	Trojan.GenericKD.38212256
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Trojan.GenericKD.38212256
TrendMicro	TROJ_GEN.R002C0PL321
McAfee-GW-Edition	GenericRXNG-XO!559231DF0EA6
Emsisoft	Trojan.GenericKD.38212256 (B)
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan.Agent.93Y2XN
Avira	TR/Hacktool.tygqs
Antiy-AVL	Trojan/Generic.ASMalwS.34DF70B
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	Trojan.Generic.D24712A0
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win.Generic.C4824008
McAfee	GenericRXNG-XO!559231DF0EA6
MAX	malware (ai score=83)
Malwarebytes	Malware.AI.4210914860
TrendMicro-HouseCall	TROJ_GEN.R002C0PL321
Ikarus	Trojan.Spy.Agent
Fortinet	MSIL/Agent.PE!tr
AVG	Win32:MalwareX-gen [Trj]
MaxSecure	Trojan.Malware.300983.susgen

How to remove Malware.AI.4210914860?

Malware.AI.4210914860 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X