Malware.AI.1781301298 (file analysis)

The Malware.AI.1781301298 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1781301298 virus can do?

Unconventionial language used in binary resources: Russian
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine Malware.AI.1781301298?


File Info:
name: 3DBB926F789AF1FE810C.mlw
path: /opt/CAPEv2/storage/binaries/adce83ad797322659c24a64efb2ae21000533e88a09ab50e49477dddaaf72b7c
crc32: 3B0F3017
md5: 3dbb926f789af1fe810c27897ec03c7f
sha1: ccb499945860a5b5f9f6efba61aad9ebc4061e2b
sha256: adce83ad797322659c24a64efb2ae21000533e88a09ab50e49477dddaaf72b7c
sha512: dad44b631945ebbd2a3438d91f14d39d0e524a252340b1b58fae27b5cf31e0eeac899d608ac52a1c815b98d5b77a2f6cf46486a1104683ed9b4840d83104a381
ssdeep: 6144:HH5iE8+6wQuAvqV3iapRn4c4XIDQo+Iw5iM1PUR2hvnrXw:H8bLu93lXp6IwZPUGU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A4A427F6628DAA71CC3E94F14D77790141BDAE6CCDD2007396F05B076AC10AE6A63E8C
sha3_384: 9b24d58281fe28123768934b1df4b8c857c9c9dc2ada6288033688dbc13b862366e41e0af832520cb242af8ce8b0cd33
ep_bytes: e885800000e916feffff558bec83ec20
timestamp: 2009-08-22 20:49:44

Version Info:
CompanyName: BAR
FileVersion: 1, 0, 0, 21
LegalCopyright: Copyright ? 2008
PrivateBuild: 876980
ProductName: BAR DLR AFF AAV AVM
ProductVersion: 1, 0, 0, 21
Translation: 0x0409 0x04b0

Malware.AI.1781301298 also known as:

Bkav	W32.Common.E4F19206
Lionic	Trojan.Win32.Mirar.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.428640
ClamAV	Win.Adware.Agent-729168
FireEye	Generic.mg.3dbb926f789af1fe
Skyhigh	Adware-OneStep.w
ALYac	Gen:Variant.Zusy.428640
Cylance	unsafe
Sangfor	Adware.Win32.Mirar.Vijp
Alibaba	AdWare:Win32/Mirar.2b41ca03
Arcabit	Trojan.Zusy.D68A60
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Adware.Mirar.B
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Zusy.428640
NANO-Antivirus	Trojan.Win32.Buzy.cylzxq
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
Avast	Win32:Adware-gen [Adw]
Tencent	Win32.Trojan.Buzy.Uimw
Sophos	Generic Reputation PUA (PUA)
F-Secure	Heuristic.HEUR/AGEN.1320748
VIPRE	Gen:Variant.Zusy.428640
TrendMicro	TROJ_GEN.R002C0PAN24
Emsisoft	Gen:Variant.Zusy.428640 (B)
Ikarus	BHO.Win32.Tango
Webroot	W32.Malware.Gen
Google	Detected
Avira	HEUR/AGEN.1320748
Antiy-AVL	Trojan[Downloader]/Win32.Agent
Kingsoft	Win32.Troj.Undef.a
Xcitium	TrojWare.Win32.Downloader.Agent.xxxd@2attfc
ViRobot	Adware.Buzy.491520
GData	Gen:Variant.Zusy.428640
McAfee	Adware-OneStep.w
MAX	malware (ai score=85)
Malwarebytes	Malware.AI.1781301298
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0PAN24
Rising	Adware.Mirar!8.2864 (TFE:5:7r4PzxvtWXF)
Yandex	Trojan.GenAsa!3tzJiLeIg0Q
Fortinet	Riskware/Generic_PUA_MM
AVG	Win32:Adware-gen [Adw]
DeepInstinct	MALICIOUS

How to remove Malware.AI.1781301298?

Malware.AI.1781301298 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X