Malware.AI.4212117351 malicious file

Malware Removal

The Malware.AI.4212117351 detection is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4212117351 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family

How to identify Malware.AI.4212117351?

File Info:

name: D389740C13B3062C2F94.mlw
path: /opt/CAPEv2/storage/binaries/2b958e0dc62b9b1a186ec8ee0b7a59015b0a82af1f99a703dd870244fc22a719
crc32: 56604483
md5: d389740c13b3062c2f94a3ffb5d1d523
sha1: 56bc02b15f361786092460ad8cb742dd932e17ae
sha256: 2b958e0dc62b9b1a186ec8ee0b7a59015b0a82af1f99a703dd870244fc22a719
sha512: a276134cb913ef0991b07ada5eee2bf25fc54260c97ae075171654773fa7551ce1135aa720398f7ae8318cbc087096f71fe85dc7e17e37a95a71e939e8154b30
ssdeep: 196608:iPrt/6s9915/cj6W2xcU3DNGqNFlVMHa2X9FwKMhU+/Pruyg2czM:izt/6sS1tU3DNGIUa2NFYU+LLgw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13BC6123273A1E600E5B9473599E0CF785B60FC0B5926CA9B24E87E53397678338907DE
sha3_384: 70871446311f1371f30c71b53cfe9e8c38dee4a0e251bebeab4478b2b97f4016e9d79bf0fc8a45c88b3f449a3637093c
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-08-04 00:43:23

Version Info:

Translation: 0x0000 0x04b0
CompanyName: SLAYER Leecher v0.7
FileDescription: SLAYER Leecher v0.7
FileVersion: 0.7.0
InternalName: barbarian.exe
LegalCopyright: © SLAYER Leecher
OriginalFilename: barbarian.exe
ProductName: SLAYER Leecher v0.7
ProductVersion: 0.7.0
Assembly Version: 0.7.0.0

Malware.AI.4212117351 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.490172
ClamAV: Win.Trojan.Redline-9938775-1
FireEye: Generic.mg.d389740c13b3062c
McAfee: Packed-PM!D389740C13B3
Cylance: Unsafe
VIPRE: Gen:Variant.Razy.490172
Cybereason: malicious.c13b30
Cyren: W32/MSIL_Kryptik.CRY.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDropper.Agent.FKI
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.MSIL.Fileless.gen
BitDefender: Gen:Variant.Razy.490172
Avast: Win64:CoinminerX-gen [Trj]
Ad-Aware: Gen:Variant.Razy.490172
Emsisoft: Gen:Variant.Razy.490172 (B)
Comodo: TrojWare.MSIL.Boilod.MFC@7j93d6
DrWeb: BackDoor.Bladabindi.13678
McAfee-GW-Edition: Packed-PM!D389740C13B3
Sophos: Troj/Reflekt-B
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Razy.490172
Avira: TR/Dropper.MSIL.Gen
Microsoft: Trojan:MSIL/Remcos.PH!MTB
Google: Detected
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZemsilF.34592.@p0@aWGw@Rd
ALYac: Gen:Variant.Razy.490172
MAX: malware (ai score=80)
Malwarebytes: Malware.AI.4212117351
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:V68DKpb201dAXSpAveDMCQ)
Ikarus: Trojan.MSIL.Krypt
Fortinet: MSIL/CoinMiner.DTL!tr
AVG: Win64:CoinminerX-gen [Trj]

How to remove Malware.AI.4212117351?

Malware.AI.4212117351 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.