How to remove “Malware.AI.3166295582”?

Malware.AI.3166295582 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3166295582 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Starts servers listening on 0.0.0.0:0
  • Enumerates running processes
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities to enumerate running processes
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Detects Bochs through the presence of a registry key
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3166295582?

File Info:

name: 08E1BD9A7239544AD883.mlw
path: /opt/CAPEv2/storage/binaries/01365d5e6b060569ae5997d62ccbed2d734df93dac00f3f48d54b15db3529a18
crc32: A40E1D31
md5: 08e1bd9a7239544ad8839c6dea9517eb
sha1: 5c8b28f20ef273f78ba45db8d4daf91a663fb607
sha256: 01365d5e6b060569ae5997d62ccbed2d734df93dac00f3f48d54b15db3529a18
sha512: 24502868c042ea3c5a16af5c6f9e247bb2ae07985b98ccba4846903213fce2eef7eafe8b671b12953fdebfc88fb22483296943ad72275175741bf935bc8aedfb
ssdeep: 49152:gsk9n/ddsvYd+4msDi9Dp/YNVPBNToMnYxyQk4m5alDf50:gsk9VOvYdPDe1p0VPzTooYt1llDe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11EC533E6194C95EAE08F11386D33798796A774C199CA9B346BFCCAC09F39DD81384633
sha3_384: 6d988552e25416ce566d445cfb9d578998f4f718dd8506f86fc9c597ed4ed1511a9e537e90556f062979ec00c0ef45a2
ep_bytes: 60be000074008dbe0010ccff57eb0b90
timestamp: 2011-07-16 08:32:53

Version Info:

0: [No Data]

Malware.AI.3166295582 also known as:

Lionic: Trojan.Win32.Cossta.4!c
DrWeb: Trojan.DownLoader6.20654
MicroWorld-eScan: Trojan.GenericKD.39572073
FireEye: Trojan.GenericKD.39572073
McAfee: GenericRXAA-AA!08E1BD9A7239
Cylance: Unsafe
Sangfor: Trojan.Win32.Cossta.aiqq
K7AntiVirus: Trojan ( 0046fc1a1 )
Alibaba: Trojan:Win32/Cossta.0a650071
K7GW: Trojan ( 0046fc1a1 )
Cybereason: malicious.20ef27
BitDefenderTheta: Gen:NN.ZexaF.34638.CoHfaGvBFshi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Agent.POW
TrendMicro-HouseCall: TROJ_GEN.R002H0CDR22
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-1227323
Kaspersky: Trojan.Win32.Cossta.aiqq
BitDefender: Trojan.GenericKD.39572073
NANO-Antivirus: Trojan.Win32.Agent.dnwchb
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Cossta.Iir
Ad-Aware: Trojan.GenericKD.39572073
Sophos: Mal/Generic-S
Comodo: Malware@#f152lgncfegx
Zillya: Trojan.Agent.Win32.399685
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vc
Emsisoft: Trojan.GenericKD.39572073 (B)
GData: Trojan.GenericKD.39572073
Jiangmin: Trojan.Cossta.vm
Webroot: W32.Malware.Gen
Avira: TR/Agent.2568704.2
MAX: malware (ai score=85)
ViRobot: Trojan.Win32.Z.Agent.2568704.C
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKD.39572073
Malwarebytes: Malware.AI.3166295582
APEX: Malicious
Rising: Trojan.Agent!8.B1E (CLOUD)
Yandex: Trojan.Agent!8+yJCqGXxfk
Ikarus: Trojan-Dropper.Agent
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3166295582?

Malware.AI.3166295582 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.