
About “Malware.AI.3145700231” infection


Malware.AI.3145700231 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3145700231 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavior consistent with a dropper attempting to download the next stage.
  • Attempts to modify proxy settings

How to identify Malware.AI.3145700231?

File Info:

name: F968B77EF8B3F87A559B.mlw
path: /opt/CAPEv2/storage/binaries/93e455c711e39bbd845c189b5988437995d0d30bca683b73041c2d39e02a9bac
crc32: B9605CB9
md5: f968b77ef8b3f87a559bb768e8435594
sha1: fe63e6fb82f387eddf0151a0c6a7330604918e5e
sha256: 93e455c711e39bbd845c189b5988437995d0d30bca683b73041c2d39e02a9bac
sha512: d0ac0d19bb442bac6dd47e45b41e64bd08b6715f58bdb8542430d31980be130bda809f062006d9d3254f84b9118bfda22da193496bfae9d5202bf91eaaead4bf
ssdeep: 12288:iadLWD7888888888888W88888888888X2Ox1RNzRq7YAVkTijKdkBwJz9K7Mme7N:BBWR2OxVlqmuBYKq7I6Khyk0tT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13CB4F103B3C30071F4665E38C975C414AE3379B918F5601E2DF9EA0E5ABA7C28D76B66
sha3_384: ccc4b89f8e4479e779ad26e916b2441da8c2cd9e672f263a89582c10b10e45b4e19e7f0288585a942fb7ee6b9325c18b
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2016-04-06 14:39:04

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Setup Setup
FileVersion:
LegalCopyright:
ProductName: Setup
ProductVersion: 1
Translation: 0x0000 0x04b0

Malware.AI.3145700231 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Adware.Downware.19519
MicroWorld-eScan: Trojan.GenericKD.47488581
FireEye: Trojan.GenericKD.47488581
Cylance: Unsafe
K7AntiVirus: Trojan ( 005850dc1 )
K7GW: Trojan ( 005850dc1 )
Symantec: Trojan.Gen.MBT
APEX: Malicious
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.47488581
SUPERAntiSpyware: Trojan.Agent/GenericKD
Avast: Win32:Adware-gen [Adw]
Emsisoft: Trojan.GenericKD.47488581 (B)
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Ikarus: Trojan.Ursu
Avira: TR/Ursu.ubmec
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Trojan.GenericKD.47488581
Cynet: Malicious (score: 99)
AhnLab-V3: PUP/Win32.Bundler.R295745
VBA32: Adware.Downware
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.3145700231
Tencent: Win32.Trojan.Ser.Edxg
AVG: Win32:Adware-gen [Adw]
CrowdStrike: win/grayware_confidence_100% (W)

How to remove Malware.AI.3145700231?

Malware.AI.3145700231 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
