About “Malware.AI.516799186” infection

The Malware.AI.516799186 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.516799186 virus can do?

Authenticode signature is invalid

How to determine Malware.AI.516799186?


File Info:
name: 157E9B36B8BD775E11B5.mlw
path: /opt/CAPEv2/storage/binaries/1f91255c963742fc17e4f0abbe2556bac354cd6dc4b8c3772391875ef11687b9
crc32: A91CE744
md5: 157e9b36b8bd775e11b516ead303c2ba
sha1: 18d058470a8b6457eb23863f644aac37b58bcbd0
sha256: 1f91255c963742fc17e4f0abbe2556bac354cd6dc4b8c3772391875ef11687b9
sha512: 4a480262194c8558ba3e9faa8678f82c6e67afa6ded7148edf1907abbbe57ce0abc90de7087c0d799c8e736ff6d5cf7d59d0806f3bf1c221942c953de870b7ce
ssdeep: 768:Lhtcl5Rh8FgvqJ0PdJWbKdhnKTGLmkUG7qm+s41d:uRhefidEbohypkZ7L1i
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T128038E8CB20C8223DDAF16FE84F341F00272C353A262FBA5ADDBA1E95E577D546114E9
sha3_384: 6dce826d7800ef69ce45bdbb48a30fa43440f7cebd9ae9a9344ad49e050e6b1c26867f80b1230aaea75a0e45b92f51c2
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-05-21 09:15:04

Version Info:
Translation: 0x0000 0x04b0
CompanyName: RuntimeBroker
FileDescription: Runtime Broker
FileVersion: 1.0.0.0
InternalName: RuntimeBroker.exe
LegalCopyright:  
OriginalFilename: RuntimeBroker.exe
ProductName: RuntimeBroker
ProductVersion: 1.0.0
Assembly Version: 1.0.0.0

Malware.AI.516799186 also known as:

Bkav	W32.AIDetectNet.01
DrWeb	BackDoor.SpyBotNET.49
MicroWorld-eScan	IL:Trojan.MSILMamut.2485
FireEye	IL:Trojan.MSILMamut.2485
McAfee	RDN/Generic PWS.y
Zillya	Trojan.Small.Win32.81076
K7AntiVirus	Trojan ( 004d94d21 )
K7GW	Trojan ( 004d94d21 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	IL:Trojan.MSILMamut.D9B5
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Small.GZ
APEX	Malicious
Kaspersky	HEUR:Trojan-Spy.MSIL.Bobik.gen
BitDefender	IL:Trojan.MSILMamut.2485
Avast	Win32:SpywareX-gen [Trj]
Ad-Aware	IL:Trojan.MSILMamut.2485
Emsisoft	IL:Trojan.MSILMamut.2485 (B)
VIPRE	IL:Trojan.MSILMamut.2485
McAfee-GW-Edition	RDN/Generic PWS.y
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Google	Detected
Avira	HEUR/AGEN.1202858
MAX	malware (ai score=84)
Antiy-AVL	Trojan/Generic.ASMalwS.6C82
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	IL:Trojan.MSILMamut.2485
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C5169672
ALYac	IL:Trojan.MSILMamut.2485
Malwarebytes	Malware.AI.516799186
Rising	Spyware.Bobik!8.108FF (C64:YzY0Ogw3FXBd/6aBNw)
Ikarus	Trojan.MSIL.Small
MaxSecure	Trojan.Malware.74169853.susgen
AVG	Win32:SpywareX-gen [Trj]

How to remove Malware.AI.516799186?

Malware.AI.516799186 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X