Malware.AI.3179045624 removal guide

Malware.AI.3179045624 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3179045624 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Malware.AI.3179045624?

File Info:

name: 15A0ED2181077265322E.mlw
path: /opt/CAPEv2/storage/binaries/c59673e70ab60b54f6f9606811060fc8d221279a8e6d471997d48cf83e486a0f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-02-27 13:22:22

Version Info:

0: [No Data]

Malware.AI.3179045624 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Crypt.4!c
McAfee: GenericR-OGC!15A0ED218107
Malwarebytes: Malware.AI.3179045624
Zillya: Trojan.DllInject.Win32.6422
Sangfor: Trojan.Win32.Agent.gen
K7AntiVirus: Unwanted-Program ( 004f73301 )
K7GW: Unwanted-Program ( 004f73301 )
Cybereason: malicious.181077
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/DllInject.FH potentially unsafe
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Trojan.Crypt.63
NANO-Antivirus: Trojan.Win32.Special.emcfvt
MicroWorld-eScan: Gen:Variant.Trojan.Crypt.63
Avast: Win32:Trojan-gen
Rising: Trojan.Generic@ML.100 (RDML:WCKW3UGIUaNm34FeZA7Qyg)
Ad-Aware: Gen:Variant.Trojan.Crypt.63
Emsisoft: Gen:Variant.Trojan.Crypt.63 (B)
Comodo: Malware@#2gzhoo7pigz2u
F-Secure: Heuristic.HEUR/AGEN.1115449
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PGQ21
McAfee-GW-Edition: BehavesLike.Win32.Generic.fm
FireEye: Generic.mg.15a0ed2181077265
Sophos: Generic PUA LF (PUA)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Trojan.Crypt.63
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1115449
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1EC69E7
Kingsoft: Win32.Troj.Generic.v.(kcloud)
Arcabit: Trojan.Trojan.Crypt.63
SUPERAntiSpyware: Trojan.Agent/Gen-Injector
Microsoft: Trojan:Win32/Occamy.CC5
VBA32: BScope.Downloader.AdLoad
ALYac: Gen:Variant.Trojan.Crypt.63
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0PGQ21
Tencent: Trojan.Win32.BitCoinMiner.la
Yandex: Trojan.GenAsa!qQZVBX5UBR4
eGambit: Unsafe.AI_Score_97%
Fortinet: Riskware/DllInject
BitDefenderTheta: Gen:NN.ZexaF.34294.tuW@au@XrOnj
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.3179045624?

Malware.AI.3179045624 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.