About “Malware.AI.3479787148” infection

Malware.AI.3479787148 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3479787148 virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.3479787148?


File Info:

name: AE9726C48FF65AA316BA.mlw
path: /opt/CAPEv2/storage/binaries/9aad14f86aa80cadce9efa7a1bb77cdebdf0f141e38eebaee33305fd7fe11e4f
crc32: 60A7F747
md5: ae9726c48ff65aa316bad26a607fd2e9
sha1: ae48bba99f09d5bf97bc219259875a002a9d25af
sha256: 9aad14f86aa80cadce9efa7a1bb77cdebdf0f141e38eebaee33305fd7fe11e4f
sha512: d326a342d6bb7c6b1f6879bc05c83ef06115eb78ac84b09e6914afb6c54291e32576480d82eada66b709ca7fe7aeb4db2899913fe01532f8b47bfec855d32f24
ssdeep: 1536:s7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfwwGQaWsabMxTVEl:i7DhdC6kzWypvaQ0FxyNTBfwnlabrl
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T180B38E41F2E501B7E6F2093100A5E23E9736AE24572498DBC7DC3D437972AD0AA3D3E9
sha3_384: eccaad4c1f79950b5a17564e24c41a7b959494903fe388ff72b1a19b9d6d9d663f8e3bc7bde0c84d133dab0ca0a4aa15
ep_bytes: 68ac00000068000000006868804100e8
timestamp: 2019-07-30 08:52:45

Version Info:

FileVersion: 0.0.0.1
ProductVersion: 0.0.0.1
ProductName: Tugboat
OriginalFilename: Tugboat
InternalName: Tugboat
FileDescription: Private Connection Method
CompanyName: MineRegedit
LegalCopyright: Decency
PrivateBuild: By Decency
SpecialBuild: By Decency
Translation: 0x0000 0x04e4

Malware.AI.3479787148 also known as:

Bkav: W32.Common.665F69A3
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.ae9726c48ff65aa3
Skyhigh: BehavesLike.Win32.RealProtect.ch
McAfee: RDN/Generic.dx
Malwarebytes: Malware.AI.3479787148
Sangfor: Trojan.Win32.Save.a
APEX: Malicious
ClamAV: Win.Trojan.Generic-10011119-0
Rising: Trojan.Generic@AI.99 (RDML:V3W+AVGD7FT9bqOvwVP6ig)
Sophos: Generic ML PUA (PUA)
Jiangmin: Trojan.BAT.aww
Google: Detected
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C5257027
BitDefenderTheta: Gen:NN.ZexaF.36792.hu0@aKAP2tb
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06EE23
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.9146449.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.3479787148?

Malware.AI.3479787148 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
