Malware.AI.3122618027 removal tips

Malware.AI.3122618027 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, you are advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3122618027 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard page use detected (possible anti-debugging)
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Collects and encrypts information about the computer, likely to send to a C2 server
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

How to identify Malware.AI.3122618027?

File Info:

name: 89BC96BD35B9E0793F0E.mlw
path: /opt/CAPEv2/storage/binaries/910d65a2086c19b13f1ab19f695f4c41779e69c5b63a38f4696231bbf8fd0dbd
crc32: 475EDDB5
md5: 89bc96bd35b9e0793f0e91cf68107c7e
sha1: f553dcf048a5cc092282323e75149d169a3d5125
sha256: 910d65a2086c19b13f1ab19f695f4c41779e69c5b63a38f4696231bbf8fd0dbd
sha512: 9322ac6a3f96bdff909ec2aa247bf56a5485ed3861a66ca878d7f153694d5c76fd9848cf4b011366f4a25aec94e6704ba06785506918ec7e7e03ad02779dc4af
ssdeep: 3072:uXJ2x6ekOiKXiEBOtpPvvFdyNKic70GJRcvJjArmd2PKZoJKYBR7Lyn+m53WVux1:KqESIPaNSXAWjUng03OLVJU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F554AEC5F7F9ADA3C6990679405223D42322CE09FA22BB334564313A1D773D7AD9AC87
sha3_384: 9b605512b5437d45f30d509f0f85943c9e61d3b1e4bf238fb6b07afa2bca74da7f0bb28142121c902a0c5af9a00419f0
ep_bytes: ff250020400000000000000000000000
timestamp: 2014-03-25 11:43:00

Version Info:

Translation: 0x0000 0x04b0
FileDescription: nTorrent
FileVersion: 2.1.1.1
InternalName: WinRAR.exe
LegalCopyright:
OriginalFilename: WinRAR.exe
ProductVersion: 2.1.1.1
Assembly Version: 2.1.1.1

Malware.AI.3122618027 also known as:

  • Lionic: Trojan.Win32.Sysn.b!c
  • MicroWorld-eScan: Gen:Variant.Johnnie.23151
  • FireEye: Generic.mg.89bc96bd35b9e079
  • McAfee: GenericR-CZD!89BC96BD35B9
  • Cylance: Unsafe
  • Zillya: Trojan.CoinMiner.Win32.42333
  • Sangfor: Suspicious.Win32.Save.a
  • CrowdStrike: win/malicious_confidence_70% (W)
  • Alibaba: TrojanDropper:Win32/CoinMiner.c2342413
  • K7GW: Trojan ( 004daf821 )
  • K7AntiVirus: Trojan ( 004daf821 )
  • BitDefenderTheta: Gen:NN.ZemsilF.34232.sm0@aGYNhze
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of MSIL/CoinMiner.IQ
  • TrendMicro-HouseCall: TROJ_GEN.R002C0OB822
  • Paloalto: generic.ml
  • Kaspersky: Trojan-Dropper.Win32.Sysn.axlg
  • BitDefender: Gen:Variant.Johnnie.23151
  • NANO-Antivirus: Trojan.Win32.Badur.cwpkgl
  • Avast: Win32:Malware-gen
  • Tencent: Win32.Trojan-dropper.Sysn.Edei
  • Ad-Aware: Gen:Variant.Johnnie.23151
  • Emsisoft: Gen:Variant.Johnnie.23151 (B)
  • Comodo: TrojWare.Win32.Amtar.JAOJ@5iyj1f
  • VIPRE: Trojan.Win32.Generic!BT
  • TrendMicro: TROJ_GEN.R002C0OB822
  • McAfee-GW-Edition: GenericR-CZD!89BC96BD35B9
  • Sophos: Mal/Generic-S
  • Ikarus: Trojan.CoinMiner
  • GData: Gen:Variant.Johnnie.23151
  • Jiangmin: TrojanDropper.Sysn.ety
  • Avira: HEUR/AGEN.1209156
  • Antiy-AVL: Trojan/Generic.ASMalwS.1431AA5
  • Gridinsoft: Ransom.Win32.Wacatac.sa
  • Arcabit: Trojan.Johnnie.D5A6F
  • ZoneAlarm: Trojan-Dropper.Win32.Sysn.axlg
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Cynet: Malicious (score: 99)
  • AhnLab-V3: Trojan/Win32.Nitol.R185027
  • ALYac: Gen:Variant.Johnnie.23151
  • MAX: malware (ai score=81)
  • VBA32: Trojan.MSIL.gen.a.15
  • Malwarebytes: Malware.AI.3122618027
  • APEX: Malicious
  • Yandex: Trojan.Badur!b1F2PVDscf8
  • SentinelOne: Static AI – Malicious PE
  • Fortinet: W32/Badur.HERH!tr
  • AVG: Win32:Malware-gen
  • Cybereason: malicious.d35b9e
  • Panda: Generic Malware

How to remove Malware.AI.3122618027?

Malware.AI.3122618027 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.