About “Malware.AI.84137940” infection

The Malware.AI.84137940 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.84137940 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
CAPE extracted potentially suspicious content
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.84137940?


File Info:
name: 79C0C33FDE31F02A83FF.mlw
path: /opt/CAPEv2/storage/binaries/c2fe5a6781f47a72e840876b5e73361b1e14597650c2763aa1ff12ca296dfa22
crc32: C8DEFFF1
md5: 79c0c33fde31f02a83ff093707cf4a4e
sha1: 4399309d816dd4a1998f3760ae4fbe95d999b1b9
sha256: c2fe5a6781f47a72e840876b5e73361b1e14597650c2763aa1ff12ca296dfa22
sha512: 1283d2229f429266d31ea27cbd3a6a64b194b1c8f68220685e54f2b46dc992310bd3add94b411ab90e3816cf1d77dee59feea3e6fddcaf5d83134b8f46f4b701
ssdeep: 24576:q7PogGBX/yifpbyuJalNOjC0ltcgPZFf:6PD1bOj1ltcaZFf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19945D6E4D1524A2FFC750FB5EA25B119DB287E60132B18D732913C264D7EEE96B32603
sha3_384: 061be519cbfb92f232ef906741bdcb59859ba9fdb321054217fdf6999169e93577da9eb56ca2443b7847ec9aa11be89e
ep_bytes: 558bece878c40100e893fdffff5dc3cc
timestamp: 2021-11-30 10:56:45

Version Info:
0: [No Data]

Malware.AI.84137940 also known as:

DrWeb	Trojan.MulDrop19.9611
MicroWorld-eScan	Gen:Variant.Zusy.408957
FireEye	Gen:Variant.Zusy.408957
ALYac	Gen:Variant.Zusy.408957
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058a07e1 )
K7GW	Trojan ( 0058a07e1 )
BitDefenderTheta	Gen:NN.ZexaF.34062.ivW@auH!4woj
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDropper.Agent.SPI
Kaspersky	HEUR:Backdoor.Win32.Gulpix.gen
BitDefender	Gen:Variant.Zusy.408957
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Gen:Variant.Zusy.408957
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Emotet.th
Emsisoft	Gen:Variant.Zusy.408957 (B)
Ikarus	Trojan-Dropper.Win32.Agent
GData	Gen:Variant.Zusy.408957
Avira	TR/Drop.Agent.erhtp
MAX	malware (ai score=84)
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
McAfee	GenericRXQY-HO!79C0C33FDE31
VBA32	BScope.Backdoor.Lotok
Malwarebytes	Malware.AI.84137940
APEX	Malicious
Rising	Trojan.DotNetLoader!1.DA67 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.SPI!tr
AVG	Win32:MalwareX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Malware.AI.84137940?

Malware.AI.84137940 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X