About “Malware.AI.852640239” infection

The Malware.AI.852640239 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.852640239 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.852640239?


File Info:
name: 33EC732D59DC162A41B7.mlw
path: /opt/CAPEv2/storage/binaries/301a7409c89b53c164f3cadddfd9b6a077718362d7301f7906b00e5527c9f7a3
crc32: B8AA7B51
md5: 33ec732d59dc162a41b752307c8b6d0e
sha1: 6b43b846a81565a63cc3328a0409aa7df65091d6
sha256: 301a7409c89b53c164f3cadddfd9b6a077718362d7301f7906b00e5527c9f7a3
sha512: 9fd150bc593427194982a6514ed677c10fcee06d037fa9b8e705a960acae8fb717e06d5303372d036fc5138bfcf6fb5ea1ae826bfa9e2c855370c75b79ba0afa
ssdeep: 49152:9A85jckkyUeUfx0pvDnfDBeujRB/MrmECBL46oUlMX:Jikk+awfNeulmrmkX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18E067C90FDDF10F6D70358709C6B627F6730220A9739CAC7D6409F9AE8676E14A33626
sha3_384: 0b686c3ea51a8f8b46ab1ed009e25350ccd1c37d6c10153fd76431c366f8d72f6cbda49cea34bf079ac061730e50e3bb
ep_bytes: e98bdbffffcccccccccccccccccccccc
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Malware.AI.852640239 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.Autoruns.GenericKDS.31519466
FireEye	Generic.mg.33ec732d59dc162a
McAfee	Artemis!33EC732D59DC
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan-Downloader ( 005705911 )
Alibaba	TrojanDownloader:Win32/Autoruns.16005fbe
K7GW	Trojan-Downloader ( 005705911 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZexaF.34182.TBW@a0U6nhni
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent.EJH
TrendMicro-HouseCall	TROJ_GEN.R002C0GK921
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.Autoruns.GenericKDS.31519466
NANO-Antivirus	Trojan.Win32.Vobfus.fmvjgc
Avast	Win32:Malware-gen
Tencent	Win32.Trojan-downloader.Agent.Llhs
Ad-Aware	Trojan.Autoruns.GenericKDS.31519466
Sophos	Mal/Generic-S
Comodo	Malware@#3btffrb8ukt1a
Zillya	Trojan.Vobfus.Win32.69931
TrendMicro	TROJ_GEN.R002C0GK921
McAfee-GW-Edition	BehavesLike.Win32.Generic.wh
Emsisoft	Trojan.Autoruns.GenericKDS.31519466 (B)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.Autoruns.GenericKDS.31519466
Jiangmin	TrojanDownloader.Banload.brqe
Avira	TR/Downloader.aobr
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Generic.ASMalwS.2A404AF
Microsoft	Trojan:Win32/Occamy.C30
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Gen.Generic.C2921193
ALYac	Trojan.Autoruns.GenericKDS.31519466
VBA32	Trojan.Vobfus
Malwarebytes	Malware.AI.852640239
APEX	Malicious
Rising	Downloader.Agent!8.B23 (CLOUD)
Yandex	Trojan.Vobfus!eeF10A5bFC4
Ikarus	Trojan-Downloader.Win32.Agent
MaxSecure	Trojan.Malware.73947815.susgen
Fortinet	W32/Vobfus.AZPE!tr
AVG	Win32:Malware-gen
Cybereason	malicious.d59dc1
Panda	Trj/CI.A

How to remove Malware.AI.852640239?

Malware.AI.852640239 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X