
Malware.AI.3045738380 (file analysis)

Malware Removal

Malware.AI.3045738380 is flagged as malicious by many security vendors. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.


Removing malware manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for removal; the trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the Malware.AI.3045738380 virus do?

The behaviours below are sandbox signatures (the storage path in the File Info section shows the sample was run under CAPEv2). Several are heuristic on their own, but together with the forged Microsoft version information they match the adware/BHO dropper names that vendors assign to this file.

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to create or modify a Browser Helper Object

How to identify Malware.AI.3045738380?

File Info:

name: DA0A0425D2DB6AAD0C2D.mlw
path: /opt/CAPEv2/storage/binaries/71cc08edea7a0c6171d816110a2093960c22944f22d176790080d4a6bff99eeb
crc32: 8913D9B8
md5: da0a0425d2db6aad0c2df6339c12c6bf
sha1: 8739e33a8b57d8cb347244fcb1ddfa93d6e40780
sha256: 71cc08edea7a0c6171d816110a2093960c22944f22d176790080d4a6bff99eeb
sha512: ae035df5eccf9deb3d1e1e2e18375f6762bfe310950a85496bc772ad743225f4f4fa6a70a79542113980b95ea484e05a0fb6cf0566b2da95936220fe91c3f489
ssdeep: 768:hFz8IwJq1JZY0a3bdE2iZ9uoB4PWK0InKtQri+lE2eZe9bZ3mo:hfwJq1Jva3bW2/84OnIKSBlE26e6o
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17453AE0B27A686E1E518657204DB43768D3F7D412F60E3ABEF50EC5E9C37E11AC21A68
sha3_384: 5c223a41e86b1dc86ffa68e5de0cb0b7ddaab078f91b357fad446902c140dee8f20e957ee591b2f73f81346187e45051
ep_bytes: 558bec6aff686053400068e63e400064
timestamp: 2008-08-26 05:39:27
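The hashes above are the practical way to confirm you are looking at this exact file. The following script is an added example (not code from the page, GridinSoft or CAPE): it computes the same digest set the File Info block lists, compares the result with the md5/sha1/sha256 indicators above, and reads the PE compile timestamp and entry-point bytes directly from the headers, which is how the `timestamp` and `ep_bytes` fields are derived. The `build_minimal_pe` helper constructs a synthetic, non-runnable PE image purely so the parser can be exercised offline; the file path on the command line is the operator's own input.

```python
"""Offline triage helper: hash a suspect file, compare it with the indicators
listed on this page, and read the PE compile timestamp and entry-point bytes
the same way the File Info block reports them. Added example; assumptions
are marked inline."""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info block above (hex, lower case).
KNOWN_HASHES = {
    "md5": "da0a0425d2db6aad0c2df6339c12c6bf",
    "sha1": "8739e33a8b57d8cb347244fcb1ddfa93d6e40780",
    "sha256": "71cc08edea7a0c6171d816110a2093960c22944f22d176790080d4a6bff99eeb",
}


def hash_bytes(data: bytes) -> dict:
    """Same digest set the page lists: crc32 as 8 upper-case hex digits, others lower-case hex."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matching_indicators(hashes: dict) -> list:
    """Names of the digests that equal the page's indicators (empty list = no match)."""
    return [name for name, value in KNOWN_HASHES.items() if hashes.get(name) == value]


def pe_summary(data: bytes, ep_len: int = 16) -> dict:
    """Parse enough of a PE32/PE32+ header to report machine, compile timestamp,
    entry-point RVA and the first ep_len bytes at the entry point.
    Raises ValueError for anything that is not a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ/PE file")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF file header: Machine, NumberOfSections, TimeDateStamp, ..., SizeOfOptionalHeader
    machine, nsections, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]           # 0x10B = PE32, 0x20B = PE32+
    ep_rva = struct.unpack_from("<I", data, opt_off + 16)[0]      # AddressOfEntryPoint
    # The section table follows the optional header; map the entry-point RVA to a file offset.
    sec_off = opt_off + opt_size
    ep_file_off = None
    for i in range(nsections):
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sec_off + 40 * i + 8)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            ep_file_off = rawptr + (ep_rva - vaddr)
            break
    ep_bytes = data[ep_file_off:ep_file_off + ep_len].hex() if ep_file_off is not None else ""
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "timestamp": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_point_rva": ep_rva,
        "ep_bytes": ep_bytes,
    }


def build_minimal_pe(stamp: int, ep_code: bytes) -> bytes:
    """Constructed sample: a minimal, non-runnable PE32 image with one .text section,
    used only so the parser can be exercised without a real malware sample."""
    img = bytearray(0x400)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                  # e_lfanew -> 0x40
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", img, 0x44, 0x14C, 1, stamp, 0, 0, 0xE0, 0x0102)
    struct.pack_into("<H", img, 0x58, 0x10B)                 # Magic: PE32
    struct.pack_into("<I", img, 0x58 + 16, 0x1000)           # AddressOfEntryPoint
    sec = 0x58 + 0xE0                                         # first section header
    img[sec:sec + 8] = b".text\0\0\0"
    struct.pack_into("<IIII", img, sec + 8, 0x200, 0x1000, 0x200, 0x200)  # VSize, VA, RawSize, RawPtr
    img[0x200:0x200 + len(ep_code)] = ep_code
    return bytes(img)


def triage(path: str) -> dict:
    """Hash a file on disk, report indicator matches and PE header facts."""
    with open(path, "rb") as fh:
        data = fh.read()
    hashes = hash_bytes(data)
    report = {"hashes": hashes, "matches": matching_indicators(hashes)}
    try:
        report["pe"] = pe_summary(data)
    except ValueError as exc:
        report["pe"] = {"error": str(exc)}
    return report


if __name__ == "__main__":
    # Usage: python triage.py <suspect file>   (the path is the operator's own input)
    for key, val in triage(sys.argv[1]).items():
        print(key, val)
```

On the real sample, `ep_bytes` should begin `558bec6aff68` (push ebp; mov ebp, esp; push -1; push imm32), the usual MSVC CRT entry stub, and `timestamp` should read 2008-08-26 05:39:27; a sha256 match is the only one of the three indicators worth acting on by itself, since md5 and sha1 are collision-prone.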

Version Info:

Comments:
CompanyName: Microsoft Corporation
FileDescription: Windows NT Setup Executable
FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: setup
LegalCopyright: Copyright Microsoft Corporation(C) 2006
LegalTrademarks:
OriginalFilename: setup.exe
PrivateBuild:
ProductName: Microsoft Windows Operating System
ProductVersion: 5.1.2600.2180
SpecialBuild:
Translation: 0x0804 0x04b0

The version block claims to be a Microsoft Windows XP SP2 setup.exe, but the Authenticode signature is invalid, the PE compile timestamp (2008) is later than the 2004 build string in FileVersion, and the resource language 0x0804 is Chinese (Simplified). Treat the Microsoft attribution as forged; it is the impersonation a dropper uses to look harmless in file listings.

Malware.AI.3045738380 is the Malwarebytes detection name; other vendors detect the same file as:

Lionic: Trojan.Win32.Agent.lj7H
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ser.Ursu.9891
FireEye: Generic.mg.da0a0425d2db6aad
McAfee: Artemis!DA0A0425D2DB
Cylance: Unsafe
Zillya: Dropper.Agent.Win32.450102
Sangfor: Trojan.Win32.Generic.ky
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: TrojanDropper:Win32/Cadro.27a384c1
K7GW: Trojan ( 0055e3df1 )
K7AntiVirus: Trojan ( 0055e3df1 )
Cyren: W32/Adware.SKCR-4361
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.XIA
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ser.Ursu.9891
NANO-Antivirus: Riskware.Win32.BHO.bnopc
Avast: Win32:BHO-XK [Adw]
Tencent: Win32.Trojan.Generic.Wqcw
Ad-Aware: Gen:Variant.Ser.Ursu.9891
Emsisoft: Gen:Variant.Ser.Ursu.9891 (B)
Comodo: TrojWare.Win32.TrojanDownloader.Nekill.A@286txa
DrWeb: Trojan.DownLoad3.19009
VIPRE: Adware.Win32.Rugo (v)
TrendMicro: TROJ_GEN.R002C0PLA21
McAfee-GW-Edition: Adware-BDSearch.v
Sophos: Generic Reputation PUA (PUA)
GData: Gen:Variant.Ser.Ursu.9891
Jiangmin: TrojanDropper.Agent.asil
Webroot: W32.Trojan.Gen
Avira: TR/Dropper.Gen2
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASMalwS.31DD88
Arcabit: Trojan.Ser.Ursu.D26A3
Microsoft: Trojan:Win32/Wacatac.B!ml
VBA32: BScope.Adware.BHO
ALYac: Gen:Variant.Ser.Ursu.9891
TACHYON: Trojan/W32.Agent.61440.ENZ
Malwarebytes: Malware.AI.3045738380
TrendMicro-HouseCall: TROJ_GEN.R002C0PLA21
Rising: AdWare.Win32.Agent.cjp (CLASSIC)
Yandex: Trojan.GenAsa!4wLWYwcsEQ0
Ikarus: not-a-virus:AdWare.Win32.BHO
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Adware/BHO
BitDefenderTheta: Gen:NN.ZexaF.34084.dq0@aOtXYTfb
AVG: Win32:BHO-XK [Adw]
Cybereason: malicious.5d2db6
Panda: Trj/Genetic.gen

How to remove Malware.AI.3045738380?

Malware.AI.3045738380 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
