
Malware.AI.1388001843 removal instructions


Malware.AI.1388001843 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1388001843 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.1388001843?

File Info:

name: 670E2DA1D496F401B3B4.mlw
path: /opt/CAPEv2/storage/binaries/33b6b32fce0a94c7bf54b859844ebad732c6cf5ce8edf8929450d48e17da933c
crc32: A364AD25
md5: 670e2da1d496f401b3b4ee663c7d8b21
sha1: 099380e014ad17c42e3a39df771c361137cfef83
sha256: 33b6b32fce0a94c7bf54b859844ebad732c6cf5ce8edf8929450d48e17da933c
sha512: d6c2858dd885e766ee5227e84c987b1bf210bef75c197687bb8b6f7dd5475879320f333001256238f833b69a1592305ed9b74e8747e638af7bb490c3987f2539
ssdeep: 6144:XJ8wZXyN6kAS0peOL+nWtyFicbHiunp0GVbwji9qmkNe/4NVoqrd9e:Xo0pWnTFRdp0Gl99DkNeAAQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13774125A3550C9D2E8A30FFA0497D605BF53F2D0CAA2CB259487508A39DA7C2873CE5F
sha3_384: 3921c43a98219f05a0a5549fab66f808db1fbf4414ce97855dc07ee5e7ece6a8baa7c5d82c558cc3fa81f30d703bf721
ep_bytes: 5589e581ecfc01000087fe56575355e8
timestamp: 1970-10-10 14:32:32

Version Info:

0: [No Data]

Malware.AI.1388001843 also known as:

Vendor                Detection
Bkav                  W32.AIDetect.malware2
Elastic               malicious (high confidence)
MicroWorld-eScan      Gen:Variant.Lazy.208802
FireEye               Generic.mg.670e2da1d496f401
CAT-QuickHeal         FraudTool.Security
McAfee                Generic FakeAV.nn
Cylance               Unsafe
Zillya                Trojan.FakeAV.Win32.136947
Sangfor               Trojan.Win32.Save.a
K7AntiVirus           Trojan ( 0021226a1 )
K7GW                  Trojan ( 0021226a1 )
Cybereason            malicious.1d496f
BitDefenderTheta      Gen:NN.ZexaF.34582.vu0@aaM0vkec
Cyren                 W32/FakeAlert.JP.gen!Eldorado
Symantec              Trojan.Gen.MBT
tehtris               Generic.Malware
ESET-NOD32            a variant of Win32/Kryptik.JGV
Baidu                 Win32.Trojan.Kryptik.nk
TrendMicro-HouseCall  TROJ_FAKEAL.SMEP
ClamAV                Win.Trojan.Fakesec-895
Kaspersky             HEUR:Trojan.Win32.Generic
BitDefender           Gen:Variant.Lazy.208802
NANO-Antivirus        Trojan.Win32.Krap.bqlxt
SUPERAntiSpyware      Trojan.Agent/Gen-FakeSoft
APEX                  Malicious
Tencent               Malware.Win32.Gencirc.11fa0e77
Ad-Aware              Gen:Variant.Lazy.208802
Emsisoft              Gen:Variant.Lazy.208802 (B)
Comodo                TrojWare.Win32.PkdKrap.AO@2mkvi8
DrWeb                 Trojan.Fakealert.19937
VIPRE                 Gen:Variant.Lazy.208802
TrendMicro            TROJ_FAKEAL.SMEP
McAfee-GW-Edition     BehavesLike.Win32.Generic.fc
Trapmine              malicious.high.ml.score
Sophos                ML/PE-A + Mal/FakeAV-EA
Ikarus                Packer.Win32.Krap
GData                 Gen:Variant.Lazy.208802
Jiangmin              TrojanDownloader.Murlo.bdr
Avira                 TR/FakeAV.BO.1
MAX                   malware (ai score=85)
Antiy-AVL             Trojan/Generic.ASMalwS.20
Microsoft             VirTool:Win32/Obfuscator.OX
Cynet                 Malicious (score: 100)
AhnLab-V3             Win-Trojan/Zbot3.Gen
VBA32                 BScope.Trojan.ImpTr
ALYac                 Gen:Variant.Lazy.208802
Malwarebytes          Malware.AI.1388001843
Avast                 Win32:FakeSysdef-L [Trj]
Rising                Trojan.Generic@AI.100 (RDML:VG6Z+uJnLS4PGDlOb+1FWg)
SentinelOne           Static AI – Malicious PE
MaxSecure             Trojan.Malware.300983.susgen
Fortinet              W32/Krap.AON!tr
AVG                   Win32:FakeSysdef-L [Trj]
Panda                 Adware/WindowsRecovery
CrowdStrike           win/malicious_confidence_100% (D)

How to remove Malware.AI.1388001843?

Malware.AI.1388001843 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
