Malware.AI.609788452 (file analysis)

The Malware.AI.609788452 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.609788452 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
At least one process apparently crashed during execution
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Malware.AI.609788452?


File Info:
name: 33FF73B67804A83B0012.mlw
path: /opt/CAPEv2/storage/binaries/6c5028bc3f11922067c77b2f12437587b36f53f00349a177cb5d1c2d933a65d1
crc32: A3057D00
md5: 33ff73b67804a83b00126703c14cd75b
sha1: 0d4fe0b903fa15170e8c58017ca51d56e8d02ef7
sha256: 6c5028bc3f11922067c77b2f12437587b36f53f00349a177cb5d1c2d933a65d1
sha512: 9f7a2ee35af681af07088981809fb1d67a66bd5f4443372202a0ad32270a69e6c083292285388ae1426fc919ea6aa9558af8f7aa74a3fe5a345747f2bb3c3329
ssdeep: 6144:6wLwaKdzPDGwvthIVXW8SGSxyKz7/ikrRdVBX5us:686d75hIVuaMbFBr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14A56BE02B2D150B9D8E7193418B65BF9DEBEBD21C725DA079330FE2E1E39A50D91D30A
sha3_384: ce6dcd526f1f0231e095d14ea0c694b3d93992da37379245892715c289c1a60fe46f84ac8d417bac5d545caad2d7f950
ep_bytes: 558bec6aff68f8289a00688822990064
timestamp: 2006-02-01 19:53:43

Version Info:
Comments: 
CompanyName: Sysinternals - www.sysinternals.com
FileDescription: Rootkit detection utility
FileVersion: 1.70
InternalName: 
LegalCopyright: Copyright (C) 2005-2006 Bryce Cogswell and Mark Russinovich
LegalTrademarks: 
OriginalFilename: 
PrivateBuild: 
ProductName: Sysinternals Rootkitrevealer
ProductVersion: 1.70
SpecialBuild: 
Translation: 0x0409 0x04b0

Malware.AI.609788452 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Malicious.4!c
Elastic	malicious (high confidence)
FireEye	Generic.mg.33ff73b67804a83b
CAT-QuickHeal	Trojan.Swisyn.OD5
Cylance	Unsafe
Sangfor	Trojan.Win32.Sabsik.FL
K7AntiVirus	Riskware ( 00584baa1 )
K7GW	Riskware ( 00584baa1 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/Swisyn.R.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002H0CB722
Paloalto	generic.ml
ClamAV	Win.Malware.Swisyn-7008260-0
NANO-Antivirus	Trojan.Win32.Swisyn.fbhdde
Avast	Win32:Malware-gen
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Dropper.tz
SentinelOne	Static AI – Malicious PE
APEX	Malicious
GData	Win32.Trojan.PSE.14A82VQ
Antiy-AVL	Trojan/Generic.ASMalwS.31F0DAF
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Evo-gen.R454220
Acronis	suspicious
McAfee	GenericRXAA-AA!33FF73B67804
VBA32	Trojan.Zpevdo
Malwarebytes	Malware.AI.609788452
Rising	Malware.Heuristic!ET#88% (RDMK:cmRtazobvWnyYqyMy61HsanAi4C8)
Yandex	Trojan.Agent!vKUr47jlVvc
Ikarus	Trojan.Win32.Scar
Fortinet	W32/Swisyn.R!tr
AVG	Win32:Malware-gen
Cybereason	malicious.903fa1

How to remove Malware.AI.609788452?

Malware.AI.609788452 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X