Malware.AI.4228586339 removal instruction

The Malware.AI.4228586339 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4228586339 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.4228586339?


File Info:
name: B689B2EDC2381F5074B5.mlw
path: /opt/CAPEv2/storage/binaries/482b54ea2aecddf5d41ef6a601db1fd934b2cdf87e6c1b2dc089385279a4243c
crc32: 5285E0E3
md5: b689b2edc2381f5074b5e144abb7bfeb
sha1: 7d758df783519d82cd7ca9c023ec9b2528ec1ad4
sha256: 482b54ea2aecddf5d41ef6a601db1fd934b2cdf87e6c1b2dc089385279a4243c
sha512: 46a3c5cb2fc5266dc2e24a5a123b755283f9997f0f8ac492c3e25e55402f5954808ab49e3f176ddb545eed5ad8eb0c9b0ab6f891ed780a61471411353a21674a
ssdeep: 6144:ARQvrxn7jPwMbdIefOriKEYa1dGbJJS3+QrW7k8X0yyHch/Z6Ba5zp0di+1Vea5w:Sv48uJ5kx9AsLNhTTlvkTkoxaug9EO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F5050841F9D14A22CC371B3454A35B50063AFFA06FB5D68F175874993BB36E02EA63E8
sha3_384: e922cd218e8316a6d33f75ba747f3a964b3681fd8fdc117b2d24ad7d1de1b5e29c536e4899a5541d12bcadf46e4a9903
ep_bytes: 60be003058008dbe00e0e7ff5783cdff
timestamp: 2022-12-21 16:51:43

Version Info:
CompanyName: 技术监督中心
FileDescription: IP地址查询上报
FileVersion: 0.0.0.11
InternalName: IP地址查询上报
LegalCopyright: Copyright (C) 张元逊 2023
OriginalFilename: IP地址查询上报.exe
ProductName: IP地址查询上报
ProductVersion: 0.0.0.11
Translation: 0x0009 0x04b0

Malware.AI.4228586339 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Trojan.Heur.Zm0@!@JH13iG
FireEye	Generic.mg.b689b2edc2381f50
Skyhigh	BehavesLike.Win32.Generic.ct
McAfee	Artemis!B689B2EDC238
Malwarebytes	Malware.AI.4228586339
Sangfor	Trojan.Win32.Agent.Vaa3
BitDefender	Gen:Trojan.Heur.Zm0@!@JH13iG
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Emsisoft	Gen:Trojan.Heur.Zm0@!@JH13iG (B)
VIPRE	Gen:Trojan.Heur.Zm0@!@JH13iG
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Antiy-AVL	Trojan/Win32.Sabsik
Kingsoft	malware.kb.b.771
Xcitium	Packed.Win32.MUPX.Gen@24tbus
Arcabit	Trojan.Heur.EEA0DE
GData	Gen:Trojan.Heur.Zm0@!@JH13iG
Acronis	suspicious
BitDefenderTheta	AI:Packer.95CE1E721C
ALYac	Gen:Trojan.Heur.Zm0@!@JH13iG
MAX	malware (ai score=86)
DeepInstinct	MALICIOUS
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09GT23
MaxSecure	Trojan.Malware.10010871.susgen
Fortinet	W32/ULPM.16C0!tr
Cybereason	malicious.783519

How to remove Malware.AI.4228586339?

Malware.AI.4228586339 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X