Malware.AI.3101284321 removal tips

Malware.AI.3101284321 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.3101284321 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Malware.AI.3101284321?

File Info:

name: 922E305ED70779AD8823.mlw
path: /opt/CAPEv2/storage/binaries/c225ea7219a56e15d4459db4f168bd7d127f69f76d36dc11a830f9d0ac2982ea
timestamp: 2016-02-01 12:33:12

Version Info:

FileDescription: ftruferfrefreyghuyg 应用程序
FileVersion: 1, 0, 0, 1
InternalName: ftruferfrefreyghuyg
LegalCopyright: Copyright (C) 2016 ftruferfrefreyghuyg
OriginalFilename: ftruferfrefreyghuyg.exe
ProductName: ftruferfrefreyghuyg 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Malware.AI.3101284321 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Doina.15788
FireEye: Generic.mg.922e305ed70779ad
CAT-QuickHeal: Trojan.Generic
ALYac: Gen:Variant.Doina.15788
Cylance: Unsafe
Zillya: Backdoor.Farfli.Win32.8016
K7AntiVirus: Trojan ( 003565701 )
K7GW: Trojan ( 003565701 )
Cybereason: malicious.ed7077
Baidu: Win32.Trojan.Farfli.ax
Cyren: W32/Trojan.IGQU-4456
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanProxy.Agent.NJC
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Doina.15788
NANO-Antivirus: Trojan.Win32.Farfli.edgmlt
Avast: Win32:Farfli-CP [Trj]
Tencent: Malware.Win32.Gencirc.10c440ba
Ad-Aware: Gen:Variant.Doina.15788
Emsisoft: Gen:Variant.Doina.15788 (B)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PL321
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dh
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Farfli
GData: Gen:Variant.Doina.15788
Jiangmin: Heur:Trojan/Dialer
Avira: HEUR/AGEN.1130352
Antiy-AVL: Trojan/Generic.ASMalwS.176006C
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Doina.D3DAC
ViRobot: Trojan.Win32.Z.Farfli.304128
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C2802764
McAfee: GenericRXLD-RS!922E305ED707
MAX: malware (ai score=88)
VBA32: Backdoor.Farfli
Malwarebytes: Malware.AI.3101284321
TrendMicro-HouseCall: TROJ_GEN.R002C0PL321
Rising: Backdoor.Farfli!1.A1B3 (CLASSIC)
Yandex: Trojan.Agent!DM7Mgta/2iY
SentinelOne: Static AI – Suspicious PE
eGambit: Trojan.Generic
Fortinet: W32/Farfli.ADV!tr
BitDefenderTheta: Gen:NN.ZexaF.34084.sq0@ayqvVTgj
AVG: Win32:Farfli-CP [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Malware.AI.3101284321?

Malware.AI.3101284321 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.