Malware.AI.4213218416 (file analysis)

The Malware.AI.4213218416 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4213218416 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.4213218416?


File Info:
name: 28ED42E64AA4D13264F6.mlw
path: /opt/CAPEv2/storage/binaries/a51d1b4ba479fa117a41b487960279c165d15e44340408619692c4a20a952877
crc32: 476A9D52
md5: 28ed42e64aa4d13264f60be441936169
sha1: a91dad0a66d3242eee0afa81aee618cd85759e53
sha256: a51d1b4ba479fa117a41b487960279c165d15e44340408619692c4a20a952877
sha512: d67e1a3a8ae25428a94271544f820f13593980db4a78d66f281281165b20780ee3c97f2ef537c6be235ffb8dd81b6316dc3e5d71fdd352ae3462b51ac7c20b08
ssdeep: 1536:4YODwaAMmyMgiUG25qHOZIgliiJ/+1R/:4fUpyMg5G25qHOyENJm1R/
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T11D63728C7610B6CFC86BCC72DA942D64AA51B477430BE247A0532AEC991DACBDF051F3
sha3_384: fc6db60aa316aba10652b30d09d41071531190a52682cfa5955f0bfd29034e840c12d8013dc77264f767b8d272caf9c6
ep_bytes: ff250020001000000000000000000000
timestamp: 2064-06-01 16:42:26

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: FirstLaunchModule
FileVersion: 1.0.0.0
InternalName: FirstLaunchModule.dll
LegalCopyright: Copyright ©  2018
LegalTrademarks: 
OriginalFilename: FirstLaunchModule.dll
ProductName: FirstLaunchModule
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.4213218416 also known as:

Lionic	Trojan.Win32.XCore.m!c
AVG	Win32:MalwareX-gen [Trj]
Skyhigh	RDN/Generic BackDoor
McAfee	RDN/Generic BackDoor
Malwarebytes	Malware.AI.4213218416
Zillya	Backdoor.XCore.Win32.428
Sangfor	Backdoor.Win32.Xcore.Vux6
Alibaba	Backdoor:MSIL/XCore.a246d3f2
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
APEX	Malicious
Kaspersky	HEUR:Backdoor.MSIL.XCore.o
Avast	Win32:MalwareX-gen [Trj]
Tencent	Msil.Backdoor.Xcore.Hflw
F-Secure	Heuristic.HEUR/AGEN.1301111
TrendMicro	TROJ_GEN.R002C0PAA24
Sophos	Mal/Generic-S
Jiangmin	Backdoor.MSIL.crdd
Avira	HEUR/AGEN.1301111
Antiy-AVL	Trojan[Backdoor]/MSIL.XCore
ViRobot	Trojan.Win.Z.Xcore.70144
ZoneAlarm	HEUR:Backdoor.MSIL.XCore.o
Microsoft	Trojan:Win32/Wacatac.B!ml
Varist	W32/MSIL_Troj.BJG.gen!Eldorado
AhnLab-V3	Trojan/Win.MalwareX-gen.C5320271
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002C0PAA24
Ikarus	Trojan-RansomX
MaxSecure	Trojan.Malware.75367986.susgen
Fortinet	W32/Ursu.770881!tr
DeepInstinct	MALICIOUS

How to remove Malware.AI.4213218416?

Malware.AI.4213218416 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X