About “Malware.AI.4281377699” infection

The Malware.AI.4281377699 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4281377699 virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.4281377699?


File Info:
name: ABB2A111DA8DA464A3E1.mlw
path: /opt/CAPEv2/storage/binaries/10f6328b01f63a0053bbd4ea09eb1becdd654f100dcc7c26cebdfad6d969e664
crc32: 152B7CFE
md5: abb2a111da8da464a3e1982505416a2e
sha1: 8cd07d25ce9bb63b77b4bb1a1727fd1702148b31
sha256: 10f6328b01f63a0053bbd4ea09eb1becdd654f100dcc7c26cebdfad6d969e664
sha512: 935fa22657e3e6c0f02be7d3e6a57a3a57059543ff83bcf587b6c1354a44c6fdb7b5529ebee6279fed422e11eebd3eed954cab630377e307115e8860827f5b0a
ssdeep: 24576:dW6RGWXSnKbZCbsXiugbCyyHNpA+VNgP0XM0GHjROGjNGs5BHYQtk6Q:dW6RGnnowbsuEjuESYQtkv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BC957DA53DBC096ED025C27369702D0586F37EAF2804D2E8CAA0BA9D3B77757133456B
sha3_384: 3170e363944469790b84415a9ecde30db157e0bfbda28baf1a0b76a25e6346dbe3d6cd73e440325d38417bbd53d17edb
ep_bytes: ff2500200a0000000000000000000000
timestamp: 2067-08-07 01:46:35

Version Info:
Comments: 
CompanyName: Facebook Data Extractor
FileDescription: Extractor
FileVersion: 2.0.2.0
InternalName: Extractor.exe
LegalCopyright: Copyright ©  2020
LegalTrademarks: 
OriginalFilename: Extractor.exe
ProductName: Extractor
ProductVersion: 2.0.2.0
Assembly Version: 2.0.2.0
Translation: 0x0000 0x04b0

Malware.AI.4281377699 also known as:

Bkav	W32.Common.CD65347F
Lionic	Trojan.Win32.Perseus.4!c
MicroWorld-eScan	Gen:Variant.MSILPerseus.211744
McAfee	Artemis!ABB2A111DA8D
Malwarebytes	Malware.AI.4281377699
Sangfor	Trojan.Win32.Agent.Vdqq
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.MSILPerseus.211744
Avast	Win32:Malware-gen
Emsisoft	Gen:Variant.MSILPerseus.211744 (B)
VIPRE	Gen:Variant.MSILPerseus.211744
McAfee-GW-Edition	Artemis!Trojan
FireEye	Gen:Variant.MSILPerseus.211744
GData	Gen:Variant.MSILPerseus.211744
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Win32.Wacatac
Arcabit	Trojan.MSILPerseus.D33B20
Microsoft	Program:Win32/Wacapew.C!ml
ALYac	Gen:Variant.MSILPerseus.211744
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09GI23
Rising	Trojan.Zpevdo!8.F912 (CLOUD)
MaxSecure	Trojan.Malware.77195947.susgen
Fortinet	PossibleThreat
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.4281377699?

Malware.AI.4281377699 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X