Malware.AI.3076744624 (file analysis)

The Malware.AI.3076744624 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3076744624 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.3076744624?


File Info:
name: D8D666B8DF81703BC5EE.mlw
path: /opt/CAPEv2/storage/binaries/2d672ecbbd91a6ab05065b97d2b11da8c72c8fb06018aae4524d82bd91faab9c
crc32: A9654995
md5: d8d666b8df81703bc5ee1e6b59bd376c
sha1: aba79406fc8555429d9435ea18cb6cbeab861418
sha256: 2d672ecbbd91a6ab05065b97d2b11da8c72c8fb06018aae4524d82bd91faab9c
sha512: 9078abc38246e082e1b939742268dad209ca6fd493d186a710e79b610cf0ba9f1014fd10db39183a11b2b43197318530f388b14e05a1d2151cd006450e8b92ab
ssdeep: 3072:nLM8FL1n5lLCuq3p2iEs5+yhyNcSm2f/BS8baRYXLHIxCnNCMncRbabX4N4UWsCS:nDrn5FRq3p2iEs5ROcel4NKFWhv4Ph
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C724C83235F96604F17BAB3917F131909BEEFA27A702E51D2D50038A4E379C1DDD22A9
sha3_384: f52a27cfdb18b8fe1287faf16413a0a082fc9af559530784c9a8f9a14fe3962b60ea79063a3fe216b7a42b8dc2f187ef
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-05-12 02:43:16

Version Info:
Translation: 0x0000 0x04b0
FileDescription: WindowsApplication26
FileVersion: 1.0.0.0
InternalName: WindowsApplication26.exe
LegalCopyright: Copyright ©  2021
OriginalFilename: WindowsApplication26.exe
ProductName: WindowsApplication26
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3076744624 also known as:

Lionic	Trojan.Win32.Malicious.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.471036
FireEye	Generic.mg.d8d666b8df81703b
McAfee	Artemis!D8D666B8DF81
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.3168628
Sangfor	Backdoor.MSIL.Bladabindi.gen
K7AntiVirus	Trojan ( 0053f8bf1 )
Alibaba	Backdoor:MSIL/Bladabindi.fa3180c7
K7GW	Trojan ( 0053f8bf1 )
Cybereason	malicious.6fc855
BitDefenderTheta	Gen:NN.ZemsilF.34084.nq0@aab6yVi
Cyren	W32/Trojan.QVUU-5963
Symantec	Backdoor.Ratenjay
ESET-NOD32	a variant of MSIL/Kryptik.PXT
Paloalto	generic.ml
ClamAV	Win.Packed.Generic-9865070-0
Kaspersky	HEUR:Backdoor.MSIL.Bladabindi.gen
BitDefender	Gen:Variant.Bulz.471036
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Bulz.471036
Emsisoft	Gen:Variant.Bulz.471036 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Trojan.dm
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Injector
GData	Gen:Variant.Bulz.471036
Avira	HEUR/AGEN.1137703
Arcabit	Trojan.Bulz.D72FFC
Microsoft	Trojan:Win32/Skeeyah.A!rfn
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.RL_Generic.C3461107
ALYac	Gen:Variant.Bulz.471036
MAX	malware (ai score=88)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.3076744624
APEX	Malicious
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_98%
Fortinet	MSIL/GenKryptik.FBA!tr
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_60% (D)
MaxSecure	Trojan.Malware.300983.susgen

How to remove Malware.AI.3076744624?

Malware.AI.3076744624 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X