Malware.AI.4239228528 removal guide

The Malware.AI.4239228528 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4239228528 virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.4239228528?


File Info:
name: 4E96F7A65A4F1296FF92.mlw
path: /opt/CAPEv2/storage/binaries/3daf82aeb7beee49eb6fff93b0bc6916811d17dd0965a806346a95fa7607016b
crc32: 9B8F6EA6
md5: 4e96f7a65a4f1296ff9293b97e74aa26
sha1: 89a827654195aa48ffb4fb802abb786ff1e24b67
sha256: 3daf82aeb7beee49eb6fff93b0bc6916811d17dd0965a806346a95fa7607016b
sha512: f5ef587f5d08c4573225edc31d3478420e172484e738134b2c370fc1c2d069031cdd53d0e8ae2380357f99028fc169356c54fb281253a86759785fde489bd1c0
ssdeep: 3072:ELTmHumt5LZHEYkyiBrEDNpZ9cn2hhv0G0gJS3KDu/eDUY:XHum/YIDNprcn2hNRJSl/e
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16B24A513A501E492D52166FB75A5433D39B88B242CB8C623ABF4CC73FC74972DB6B609
sha3_384: 2af2af0cfbc44981626dd03882c575ba22a8affdc44bc118d0d0968e40d100e3b0f5c35828315c70bdbf9afd21b957f6
ep_bytes: e89b790200e80e76020033c0c3909090
timestamp: 2016-01-24 15:32:44

Version Info:
0: [No Data]

Malware.AI.4239228528 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Blackmoon.4!c
Elastic	malicious (high confidence)
Malwarebytes	Malware.AI.4239228528
Sangfor	Trojan.Win32.Blackmoon.Vdst
CrowdStrike	win/malicious_confidence_60% (D)
BitDefenderTheta	Gen:NN.ZexaF.36680.mqW@ayTvAGgb
ESET-NOD32	a variant of Win32/Packed.BlackMoon.A suspicious
APEX	Malicious
Cynet	Malicious (score: 100)
Zillya	Trojan.BlackMoon.Win32.11
Sophos	Generic Reputation PUA (PUA)
Ikarus	PUA.BlackMoon
Antiy-AVL	Trojan[Packed]/Win32.Blackmoon
Kingsoft	malware.kb.a.998
Xcitium	Malware@#18qpkxvfxie33
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H06L523
SentinelOne	Static AI – Suspicious PE
Fortinet	Riskware/Blackmoon

How to remove Malware.AI.4239228528?

Malware.AI.4239228528 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X