Malware.AI.3214257140 removal

Malware.AI.3214257140 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3214257140 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Checks for the presence of known devices from debuggers and forensic tools
  • Created a service that was not started
  • Anomalous binary characteristics

How to identify Malware.AI.3214257140?


File Info:

crc32: 3CE77D42
md5: 7fbb092fec786076a07795f28ce50099
name: 7FBB092FEC786076A07795F28CE50099.mlw
sha1: 365bef0a7c845a05516cad7b27b651ca5178a3a4
sha256: e26935325d26e2ea7aba5a69da75c29de38e91a57ade187ace9bf61e25617320
sha512: 983574366f1ffff58e2fddc29dab7a2cd2739d3e8c4c572dd23cccacf6ed8e4cce4ccc294d386d7d69bfdbc34b56ccd49ca893eacd506565d4e2f318b13dc59b
ssdeep: 12288:/zWMpmVy6ZTME2S8Y9w2X3vUNFWVYQeUEF3Z4mxxMMPrvKOK6l1ZjRDq5:GwyT1DiA83+EQmXnPrCORc5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C) Microsoft Corporation. All rights reserved.
InternalName: Wextract
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
CompanyName: Microsoft Corporation
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 6.00.2900.2180
FileDescription: Win32 Cabinet Self-Extractor
OriginalFilename: WEXTRACT.EXE
Translation: 0x0804 0x04b0

Malware.AI.3214257140 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005376ae1 )
Lionic: Trojan.Win32.Hupigon.lriU
Elastic: malicious (high confidence)
DrWeb: Trojan.Packed.Based
Cynet: Malicious (score: 100)
ALYac: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb
Cylance: Unsafe
Zillya: Trojan.Packed.Win32.104458
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Backdoor:Win32/Hupigon.65570e14
K7GW: Trojan ( 005376ae1 )
Cybereason: malicious.fec786
Cyren: W32/Hupigon.G.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Packed.ASProtect.AAB
Zoner: Probably Heur.ExeHeaderH
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb
NANO-Antivirus: Trojan.Win32.Hupigon.buyzb
MicroWorld-eScan: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb
Tencent: Win32.Backdoor.Hupigon.bwjr
Ad-Aware: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb
Sophos: ML/PE-A + Mal/Behav-270
Comodo: Packed.Win32.Aspack.AB@1s8lrk
BitDefenderTheta: AI:Packer.B7A3A9DE1D
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Mal_Pai-6
McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
FireEye: Generic.mg.7fbb092fec786076
Emsisoft: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb (B)
Jiangmin: Backdoor/Huigezi.2008.nze
Webroot: W32.Bifrose.Gen
Avira: TR/Dropper.Gen
eGambit: Generic.Malware
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.ExplorerHijack.Qu1aaOc5SCfb
GData: Gen:Trojan.ExplorerHijack.Qu1aaOc5SCfb
AhnLab-V3: Win-Trojan/Hupigon3.Gen
Acronis: suspicious
McAfee: Artemis!7FBB092FEC78
MAX: malware (ai score=100)
VBA32: Trojan-Dropper.Kaos
Malwarebytes: Malware.AI.3214257140
Panda: Trj/CI.A
TrendMicro-HouseCall: Mal_Pai-6
Rising: Backdoor.Hupigon!1.6634 (CLASSIC)
Yandex: Worm.AutoRun!xNKOGH0hT8s
Ikarus: Virus.Win32.Oliga
MaxSecure: Trojan.Malware.1701126.susgen
Fortinet: W32/Hupigon.GE!tr.bdr
AVG: Win32:Evo-gen [Susp]

How to remove Malware.AI.3214257140?

Malware.AI.3214257140 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.