About “Malware.AI.3035237032” infection

The Malware.AI.3035237032 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3035237032 virus can do?

Reads data out of its own binary image
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.3035237032?


File Info:
name: 6496AF9119C34B4C569E.mlw
path: /opt/CAPEv2/storage/binaries/735c663235c619493df11f14833e6fda45695968214e693dff993c7bd367d581
crc32: 415B861E
md5: 6496af9119c34b4c569eecfd1ff5688d
sha1: 335098ccb5526a7272a7aa0a474d3c8fa8a0da3e
sha256: 735c663235c619493df11f14833e6fda45695968214e693dff993c7bd367d581
sha512: e6d56fd94870cb27f8953fadb3ef9dee6bd0dceda1f381d455ba20a05268e398d080b25f0b7fece4990f2028aac60f15de933e20382896f965010f46ab23b037
ssdeep: 12288:YcrPvGunTM7/6DUOrYS+JsVus4EqAc60xvh:PDV4+nIsVL4vActvh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E9B48D027276C0F5C91544310E5BA7BAA6F6AD904F165E837398FF6E2C325C09A3B31B
sha3_384: 9559975769e90af27cbb06b8c2e7aaab16116468c7607c7dc4f4c5b12043e778d8e179f7e6110253e36bf87c015a580f
ep_bytes: 558bec6aff68486c450068e489420064
timestamp: 2009-08-25 08:19:45

Version Info:
Comments: 
CompanyName: 
FileDescription: COGuard Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: COGuard
LegalCopyright: 版权所有 (C) 2008
LegalTrademarks: 
OriginalFilename: COGuard.EXE
PrivateBuild: 
ProductName: COGuard 应用程序
ProductVersion: 1, 0, 0, 1
SpecialBuild: 
Translation: 0x0804 0x04b0

Malware.AI.3035237032 also known as:

AVG	Win32:Evo-gen [Trj]
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Doina.Blind.11953
FireEye	Generic.mg.6496af9119c34b4c
Skyhigh	BehavesLike.Win32.Ransomware.hh
McAfee	GenericRXBC-BY!6496AF9119C3
Malwarebytes	Malware.AI.3035237032
Sangfor	Suspicious.Win32.Save.ins
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 99)
BitDefender	Gen:Variant.Doina.Blind.11953
Avast	Win32:Evo-gen [Trj]
Emsisoft	Gen:Variant.Doina.Blind.11953 (B)
F-Secure	Heuristic.HEUR/AGEN.1346841
DrWeb	Trojan.PWS.Gamania.38192
VIPRE	Gen:Variant.Doina.Blind.11953
TrendMicro	TROJ_GEN.R03BC0PDI24
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Varist	W32/S-4bfb5199!Eldorado
Avira	HEUR/AGEN.1346841
Antiy-AVL	Trojan/Win32.Agent
Kingsoft	malware.kb.a.764
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Doina.Blind.D2EB1
GData	Gen:Variant.Doina.Blind.11953
Google	Detected
BitDefenderTheta	Gen:NN.ZexaF.36802.Gq0@aqlrcbfb
ALYac	Gen:Variant.Doina.Blind.11953
MAX	malware (ai score=83)
VBA32	BScope.Trojan.MulDrop
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R03BC0PDI24
Yandex	Trojan.GenAsa!0EtSpfQcY4I
DeepInstinct	MALICIOUS

How to remove Malware.AI.3035237032?

Malware.AI.3035237032 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X