About “Malware.AI.4288354737” infection

The Malware.AI.4288354737 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.4288354737 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.4288354737?


File Info:
name: E4DEB182049E4332C418.mlw
path: /opt/CAPEv2/storage/binaries/279bb93c625cd35111249db499166caaa80f029dded80055a5f90e46d071f65c
crc32: AB527D5E
md5: e4deb182049e4332c4184bd6ff11fc99
sha1: 30ba86b964ed22c27619ed7605bd2b986a175306
sha256: 279bb93c625cd35111249db499166caaa80f029dded80055a5f90e46d071f65c
sha512: d660db71a5caf8e83e1671356541821a7fd2fcf436a85ab0006d2ff68ad5b0b2e6532610c6ab9d4fc95b50aa243245cee1e5bcad6b75d2e51e702fc436f73e11
ssdeep: 98304:y1+B6JaTnyeJm3RYZqPOHxN42JbWePMSWxlE:P3PzqPOE2kePMSWXE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2361228E53ABA04C3D80234C552CE3953222E5E59228D6F24FDFE97BFBE743655424B
sha3_384: 166a4a840adc6ec883786ae666f1b09f9c14133287dfca069d4dec385bb844d86f7b00f34c9ce6fd73b65c339ba16333
ep_bytes: ff250020400000000000000000000000
timestamp: 2045-02-12 14:52:09

Version Info:
Translation: 0x0000 0x04b0
Comments: Programm
CompanyName: Aliene3.exe Corp
FileDescription: Aliene
FileVersion: 7.6.5.3
InternalName: Alienn.exe
LegalCopyright: Copyright © 2020
LegalTrademarks: bg4
OriginalFilename: Alienn.exe
ProductName: Aliene
ProductVersion: 7.6.5.3
Assembly Version: 5.1.5.3

Malware.AI.4288354737 also known as:

DrWeb	Trojan.KillProc.58097
MicroWorld-eScan	Gen:Variant.Ursu.380011
FireEye	Generic.mg.e4deb182049e4332
ALYac	Gen:Variant.Ursu.380011
K7AntiVirus	Trojan ( 00546aaf1 )
Alibaba	Trojan:MSIL/Diztakun.d21eb0e2
K7GW	Trojan ( 00546aaf1 )
CrowdStrike	win/malicious_confidence_60% (W)
BitDefenderTheta	Gen:NN.ZemsilF.34062.@p0@au5feZe
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/BadJoke.MW
TrendMicro-HouseCall	TROJ_GEN.R002C0PL621
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.MSIL.Diztakun.gen
BitDefender	Gen:Variant.Ursu.380011
Avast	Win32:TrojanX-gen [Trj]
Ad-Aware	Gen:Variant.Ursu.380011
Emsisoft	Gen:Variant.Ursu.380011 (B)
TrendMicro	TROJ_GEN.R002C0PL621
McAfee-GW-Edition	GenericRXHB-NH!E4DEB182049E
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.BadJoke
Avira	HEUR/AGEN.1206035
Microsoft	Backdoor:Win32/Bladabindi!ml
GData	Gen:Variant.Ursu.380011
AhnLab-V3	Trojan/Win.NH.C4522323
McAfee	GenericRXHB-NH!E4DEB182049E
MAX	malware (ai score=81)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.4288354737
APEX	Malicious
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/BadJoke.MW!tr
AVG	Win32:TrojanX-gen [Trj]
Cybereason	malicious.2049e4
Panda	Trj/GdSda.A

How to remove Malware.AI.4288354737?

Malware.AI.4288354737 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X