What is “Malware.AI.4285603512”?

The Malware.AI.4285603512 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4285603512 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.4285603512?


File Info:
name: 64D28F27D5180645E46E.mlw
path: /opt/CAPEv2/storage/binaries/22b0270c8d18c4e1cd5a9720c2a8fee61321724d323751a5ae2679f486085c58
crc32: 776FE347
md5: 64d28f27d5180645e46e341b0beb3d9c
sha1: 0c89ee6044416e45f3c12173aae7d7fef5a66f40
sha256: 22b0270c8d18c4e1cd5a9720c2a8fee61321724d323751a5ae2679f486085c58
sha512: cb396ebef4b40fae6a55d15db586ddec2fa5d60150635aa3c458cc8e6e974da4fd7afe770ae27fb452330f92c2a6724972dc58ed128ec5b47ad7c9d82b47f750
ssdeep: 12288:F5qnZUxBRML2He0Q1fVkkADwdeRIvplaAAigkGlvCLf9xsvO:HhM0meDwdtoJi3GJCLf9x2O
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1F894BF78970573FBE12D5E3875C9B982C2523E50324B621E2C6F2D4E07BB6EE7724216
sha3_384: 75a5aacbf7783ed4d5e82c96588e92ade640513eba79d3c8a4267fbffcc6c49bdb64f582638d7d750746246c5950e03a
ep_bytes: 455357455541bb60000000654b8b3b52
timestamp: 2013-08-21 13:24:33

Version Info:
CompanyName: Microsoft Corporation
FileDescription: SNMP Trap
FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
InternalName: snmptrap.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: snmptrap.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.3.9600.16384
Translation: 0x0409 0x04b0

Malware.AI.4285603512 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win64.Expiro.Gen.6
FireEye	Generic.mg.64d28f27d5180645
ALYac	Win64.Expiro.Gen.6
Cylance	Unsafe
Cybereason	malicious.7d5180
Cyren	W64/Expiro.AO.gen!Eldorado
ESET-NOD32	a variant of Win64/Expiro.CO
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Virus.Win64.Expiro.rd
BitDefender	Win64.Expiro.Gen.6
NANO-Antivirus	Virus.Win64.Expiro.clnvwd
Avast	Win64:Xpirat [Inf]
Tencent	Win64.Virus.Expiro.Wqde
Ad-Aware	Win64.Expiro.Gen.6
Sophos	Mal/Generic-S
TrendMicro	Virus.Win64.EXPIRO.MR
McAfee-GW-Edition	BehavesLike.Win64.Generic.gc
Emsisoft	Win64.Expiro.Gen.6 (B)
SentinelOne	Static AI – Malicious PE
GData	Win64.Expiro.Gen.6
Jiangmin	Trojan.Scar.tsz
Avira	W64/Infector.Gen
Arcabit	Win64.Expiro.Gen.6
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.4285603512
TrendMicro-HouseCall	Virus.Win64.EXPIRO.MR
Ikarus	Virus.Win64.Expiro
Fortinet	W64/Expiro.CE
AVG	Win64:Xpirat [Inf]
Panda	Generic Suspicious
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.4285603512?

Malware.AI.4285603512 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X