Malware

About “Malware.AI.3065909230” infection

Malware Removal

The Malware.AI.3065909230 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Malware.AI.3065909230 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Performs HTTP requests potentially not found in PCAP.
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location

How to determine Malware.AI.3065909230?



File Info:

name: 979A0D198C1A70BCB540.mlw
path: /opt/CAPEv2/storage/binaries/04379ceecccae6f8c020875c45d05472086d485a602d27249991f5f7f586a74f
crc32: 91DB8AF7
md5: 979a0d198c1a70bcb540c0db6cc65644
sha1: 60e3794f4f0b361af4021c7a4be19f922197b106
sha256: 04379ceecccae6f8c020875c45d05472086d485a602d27249991f5f7f586a74f
sha512: 65fbaba0d3a138884244959cffafe3b50fc48d33ff53c24f0458b2a98aa1190a5c54dd6a032ddcf1372fafeef7334138e1700c054173d3418740e1829d269d82
ssdeep: 12288:OwkVqmp7AoL8Cm69rqsBk0NHNPmRruSDfEcIUrd2OZi6kyxp+/xpx1b:SImVAoL8Kr2W0KSjrd2OHkyxp+/xpx1b
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T191D41628FED3D00AC6D1E3B545812B987BA49084675763F5F02A81B8ECDD36A8DD41EF
sha3_384: b62deb9edbd4a43d78886bd5a7c28d51e93f889641c1a973f6d9a06fc7b02b9269587fc881911c1cf504a2cbc4193b0a
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-07-27 21:47:24


Version Info:

0: [No Data]

Malware.AI.3065909230 also known as:

LionicTrojan.Win32.Generic.m!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.362132
FireEyeGeneric.mg.979a0d198c1a70bc
ALYacGen:Variant.Bulz.362132
CylanceUnsafe
SangforSuspicious.Win32.Save.a
K7AntiVirusTrojan ( 005132071 )
AlibabaBackdoor:MSIL/Injector.6aca1cce
K7GWTrojan ( 005132071 )
Cybereasonmalicious.98c1a7
BitDefenderThetaGen:NN.ZemsilF.34212.NmY@aWS!xGk
VirITTrojan.Win32.Panda.SAJ
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/Injector.RUL
Paloaltogeneric.ml
ClamAVBC.Win.Packed.ConfuserEx-6428556-1
KasperskyHEUR:Backdoor.Win32.Generic
BitDefenderGen:Variant.Bulz.362132
NANO-AntivirusTrojan.Win32.Panda.erjxlk
AvastWin32:Malware-gen
TencentWin32.Trojan.Inject.Auto
Ad-AwareGen:Variant.Bulz.362132
SophosMal/Generic-S
ComodoMalware@#1mf6ujaimynbh
DrWebTrojan.PWS.Panda.12177
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionBehavesLike.Win32.Generic.jc
SentinelOneStatic AI – Malicious PE
EmsisoftGen:Variant.Bulz.362132 (B)
APEXMalicious
GDataGen:Variant.Bulz.362132
JiangminBackdoor.Generic.axzc
AviraTR/Dropper.MSIL.Gen4
Antiy-AVLTrojan/Generic.ASMalwS.2161E3C
ZoneAlarmHEUR:Backdoor.Win32.Generic
MicrosoftTrojan:Win32/Skeeyah.A!rfn
CynetMalicious (score: 100)
Acronissuspicious
McAfeeGeneric.cfj
MAXmalware (ai score=100)
VBA32TScope.Trojan.MSIL
MalwarebytesMalware.AI.3065909230
RisingMalware.Obfus/MSIL@AI.93 (RDM.MSIL:T/DhKh32XSLQU2adFNMp9w)
IkarusTrojan.MSIL.Krypt
MaxSecureTrojan.Malware.300983.susgen
FortinetMSIL/Generic.AP.11CFC4!tr
AVGWin32:Malware-gen
PandaTrj/GdSda.A
CrowdStrikewin/malicious_confidence_100% (D)

How to remove Malware.AI.3065909230?

Malware.AI.3065909230 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment