Malware.AI.3167015358 removal

Malware.AI.3167015358 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3167015358 virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk

How to identify Malware.AI.3167015358?

File Info:

name: 0A2ED11434CD8EBA0015.mlw
path: /opt/CAPEv2/storage/binaries/54c1356c18bd3d8e3ee2ec5b4342a205b8e02b66c898622f5e734d421be08792
crc32: 45201FB5
md5: 0a2ed11434cd8eba001527c863cab104
sha1: 6997b82bb5b577778b40933881b71f850a20e4cc
sha256: 54c1356c18bd3d8e3ee2ec5b4342a205b8e02b66c898622f5e734d421be08792
sha512: 934e03c863fd0667832e703157302d08023e432c730b295f27c646c418f61968d83ee523858196b380d6810bd82dcc8fd045f0a0cf2c2dc0db1a20e3e72e4de9
ssdeep: 3072:krV1c41Utsu7pQhvamwuxoScnOV0DX0hwZyJXyYKJU7QKjcpvrtpbUEj1zD:ko4UPQdTwuKOaDE9BK0QKjcSutD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10AF30112A374A037F9731B701E7656039FF5B2281832631B5352ABB87A3778294EF750
sha3_384: a3bebed3b3477f0934468ea81794e448f26f62bbe8494c1647eda18d5ac58041597bec879eaef1c31f2b85af565507dc
ep_bytes: 81ecd40200005356576a205f33db6801
timestamp: 2017-08-01 00:35:01

Version Info:

Comments: Delivery tool
CompanyName:
FileVersion: 2.6.1.4
InternalName: Grey Donkey
LegalCopyright: Grey Donkey. All rights reserved.
ProductName: Software delivery tool
ProductVersion: 2.6.1.4
Translation: 0x0409 0x04b0

Malware.AI.3167015358 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.604706
FireEye: Generic.mg.0a2ed11434cd8eba
ALYac: Gen:Variant.Bulz.604706
VIPRE: Gen:Variant.Bulz.604706
Sangfor: [NULLSOFT PIMP INSTALL SYSTEM7]
K7AntiVirus: Trojan-Downloader ( 00518a0a1 )
K7GW: Trojan-Downloader ( 00518a0a1 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/Tovkater.P.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Tovkater.EQ
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.Tovkater-6646876-0
Kaspersky: not-a-virus:AdWare.Win32.DLBoost.bhhd
BitDefender: Gen:Variant.Bulz.604706
NANO-Antivirus: Trojan.Win32.InstallMonster.etkanm
SUPERAntiSpyware: Trojan.Agent/Gen-DownloaderTovkater
Avast: Win32:Malware-gen
Rising: Trojan.Generic@AI.100 (RDML:DHpVaEkp8nFY63HI0xNi/A)
Ad-Aware: Gen:Variant.Bulz.604706
Sophos: Mal/Generic-S
Comodo: Application.Win32.InstallMonster.DX@7e9j3l
DrWeb: Trojan.InstallMonster.2392
Zillya: Downloader.Tovkater.Win32.482
TrendMicro: TROJ_GEN.R002C0OJ921
McAfee-GW-Edition: BehavesLike.Win32.VBobfus.cc
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Bulz.604706 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bulz.604706
Google: Detected
Avira: HEUR/AGEN.1210120
MAX: malware (ai score=95)
Antiy-AVL: Trojan/Generic.ASMalwS.3C54
Arcabit: Trojan.Bulz.D93A22
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.BundleInstaller.R233499
McAfee: Artemis!0A2ED11434CD
VBA32: TrojanDownloader.Tovkater
Malwarebytes: Malware.AI.3167015358
TrendMicro-HouseCall: TROJ_GEN.R002C0OJ921
Tencent: Win32.Adware.Dlboost.Eos
Yandex: Trojan.InstallMonster!G/uNKE5JEIg
Ikarus: Trojan-Downloader.Win32.Tovkater
Fortinet: W32/Tovkater.EN!tr
BitDefenderTheta: Gen:NN.ZexaF.34592.hy0@aqW4RZdi
AVG: Win32:Malware-gen
Cybereason: malicious.434cd8
Panda: Trj/Genetic.gen

How to remove Malware.AI.3167015358?

Malware.AI.3167015358 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.