How to remove “Malware.AI.3155384457”?

Malware Removal

Malware.AI.3155384457 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3155384457 virus do?

  • At least one process apparently crashed during execution
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Manipulates data from or to the Recycle Bin
  • A process created a hidden window
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to delete or modify volume shadow copies
  • CAPE detected the Babuk malware family
  • Creates a known Babuk ransomware decryption instruction / key file
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3155384457?

File Info:

name: B661DD37A539EC42BD4D.mlw
path: /opt/CAPEv2/storage/binaries/ec57da53e5ac643e0874380e7a13c6dcd891846861ca5cd4e187966b399b215e
crc32: AF99BFE0
md5: b661dd37a539ec42bd4d5fd996d190de
sha1: a26623497f77d45fa273dcd3040b4a10fd5ba820
sha256: ec57da53e5ac643e0874380e7a13c6dcd891846861ca5cd4e187966b399b215e
sha512: 59248a26312ef04023d3f103bb7e68ae29181dbc6b0f7747bb1c5935c7be260109960818fe314dde9aa2622df079b7be94a7dc11416d2add6c3b8f8a9a42b98c
ssdeep: 1536:IkPshxMKG6gFsrQLOJgY8ZZP8LHD4XWaNH71dLdG1iiFM2iG2isn8f+:8hx8JFsrQLOJgY8Zp8LHD4XWaNH71dLL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17D83E9115985D2B6C5E232319163F1AAC53A197003B5B78B63C017AEFB10AD8F6BCF27
sha3_384: 5b0adba2992b06da4a6b060e081a58cab5438dfaa9a8494fdd8f5474ee342defcd549e9677d66fb9e0d01c97036eaa35
ep_bytes: 558bec81ec880000006a106a0068203c
timestamp: 2021-12-18 21:10:50

Version Info:

0: [No Data]

Malware.AI.3155384457 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.Babuk.!s!.G.61C5F24E
FireEye: Generic.mg.b661dd37a539ec42
ALYac: Generic.Ransom.Babuk.!s!.G.61C5F24E
Cylance: Unsafe
K7AntiVirus: Trojan ( 005782fe1 )
K7GW: Trojan ( 005782fe1 )
Cybereason: malicious.7a539e
Cyren: W32/Babyk.E.gen!Eldorado
Symantec: Ransom.Babuk
ESET-NOD32: a variant of Win32/Filecoder.Babyk.A
APEX: Malicious
ClamAV: Win.Ransomware.Packer-7473772-1
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: Generic.Ransom.Babuk.!s!.G.61C5F24E
Avast: Win32:Dh-A [Heur]
Tencent: Malware.Win32.Gencirc.11dab53e
TACHYON: Ransom/W32.Agent.80896.E
Sophos: ML/PE-A
DrWeb: Trojan.Encoder.34363
TrendMicro: Ransom.Win32.BABUK.SMRD1
McAfee-GW-Edition: GenericRXNS-AS!B661DD37A539
Emsisoft: Trojan.FileCoder (A)
Avira: TR/Crypt.EPACK.Gen2
Antiy-AVL: Trojan[Ransom]/Win32.Babuk.a
Microsoft: Ransom:Win32/Babuk.MAK!MTB
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Generic
GData: Generic.Ransom.Babuk.!s!.G.61C5F24E
Cynet: Malicious (score: 100)
AhnLab-V3: Ransomware/Win.Babuk.R440335
McAfee: GenericRXNS-AS!B661DD37A539
MAX: malware (ai score=86)
VBA32: BScope.TrojanRansom.Crypmod
Malwarebytes: Malware.AI.3155384457
TrendMicro-HouseCall: Ransom.Win32.BABUK.SMRD1
Rising: Malware.Heuristic!ET#89% (RDMK:cmRtazrMTTxurACCI13jCogrqFys)
Ikarus: Trojan-Ransom.Babyk
Fortinet: W32/FilecoderProt.F183!tr.ransom
BitDefenderTheta: Gen:NN.ZexaF.34182.euW@au7Mv4
AVG: Win32:Dh-A [Heur]
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.121218.susgen

How to remove Malware.AI.3155384457?

Malware.AI.3155384457 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
