Malware.AI.4236080473 (file analysis)

The Malware.AI.4236080473 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4236080473 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.4236080473?


File Info:
name: D530F0FD727B5AC67EC3.mlw
path: /opt/CAPEv2/storage/binaries/e9ea0f1df852ad2cf98cd640e86b35e8053efde2062767622234e21a50883c30
crc32: 47D9FDCE
md5: d530f0fd727b5ac67ec3e82f584048b9
sha1: c9c5cbb1032f41a26d72ae79aac058f09cf1c7b3
sha256: e9ea0f1df852ad2cf98cd640e86b35e8053efde2062767622234e21a50883c30
sha512: 11a7543a23a68fd6349262b912a1190566bde331d0dec504d267915ffab11f5b0afe68b57079ff9eac09fd3308177ce679506c376f44999a600b49c2ffa38b2d
ssdeep: 12288:1m7THwMhrEMI98QZ3qbKYWkQE7S1SZq43I3xmq6qa4BqII5IziXb9gY:10HwM6zEbvQEuSZq443cb7HIIbbB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EAE47D22B3B14473C2621738DD5B97B4AC26FE013E29AA8727F52D4C5F796807C262D7
sha3_384: 69cf31fc74b2341489352a35dffcdbebef4d4a1ccf1996f8cc601e973b5c24e78843f17ce075a577c602dd2fbde9801c
ep_bytes: 558bec83c4f453b870ed4800e8876ef7
timestamp: 1992-06-19 22:22:17

Version Info:
CompanyName: Chemware Ltd
FileDescription: User Logger
FileVersion: 2.9.20.295
InternalName: 
LegalCopyright: Chemware Ltd
LegalTrademarks: 
OriginalFilename: 
ProductName: 
ProductVersion: 2.9
Comments: written by Bruce Levett
email: info@chemware.co.nz
WWW: http://chemware.co.nz
Translation: 0x1409 0x04e4

Malware.AI.4236080473 also known as:

Bkav	W32.Common.3459F927
Lionic	Trojan.Win32.Userlogger.4!c
MicroWorld-eScan	Application.Userlogger.A
FireEye	Application.Userlogger.A
Skyhigh	Generic PUP.mn
McAfee	Generic PUP.mn
Cylance	unsafe
Zillya	Backdoor.PePatch.Win32.35866
K7AntiVirus	Password-Stealer ( 004c4df71 )
Alibaba	RiskWare:Win32/UserLogger.638ab925
K7GW	Password-Stealer ( 004c4df71 )
Arcabit	Application.Userlogger.A
Symantec	Spyware.UserLogger
ESET-NOD32	a variant of Win32/KeyLogger.UserLogger.A
Cynet	Malicious (score: 100)
BitDefender	Application.Userlogger.A
NANO-Antivirus	Riskware.Win32.UserLogger.ftfper
Emsisoft	Application.Userlogger.A (B)
DrWeb	Trojan.DownLoader2.54114
VIPRE	Application.Userlogger.A
TrendMicro	Spyware_TRAK_Userlog.290
Sophos	UserLogger (PUA)
Jiangmin	Monitor.UserLogger.a
Webroot	System.Monitor.User.Logger
Google	Detected
Antiy-AVL	RiskWare[Monitor]/Win32.UserLogger
Xcitium	Malware@#3ojak8g8sr0x3
Microsoft	Program:Win32/Wacapew.C!ml
GData	Application.Userlogger.A
Varist	W32/Monitor.VOQZ-5797
ALYac	Application.Userlogger.A
MAX	malware (ai score=100)
VBA32	Trojan.Downloader
Malwarebytes	Malware.AI.4236080473
TrendMicro-HouseCall	Spyware_TRAK_Userlog.290
Rising	Malware.Occamy!8.11B3B (TFE:5:U9vzZfOHbfF)
MaxSecure	Trojan.Malware.1464655.susgen
Fortinet	Riskware/PUP
DeepInstinct	MALICIOUS

How to remove Malware.AI.4236080473?

Malware.AI.4236080473 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X