About “Malware.AI.3228395977” infection

The Malware.AI.3228395977 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3228395977 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics
Anomalous binary characteristics

How to determine Malware.AI.3228395977?


File Info:
name: E00A4941039EC630C6B3.mlw
path: /opt/CAPEv2/storage/binaries/bd4ba624e850bd6b3e0c2d481eca72a9d1891298d25b2d23c18c94196d4db649
crc32: E635F7C0
md5: e00a4941039ec630c6b347917323ed15
sha1: f93044ba063a4e8be5326e8bc51fa9ba6198de0b
sha256: bd4ba624e850bd6b3e0c2d481eca72a9d1891298d25b2d23c18c94196d4db649
sha512: d8e928476ed6ef07d171c82ebf18f70576e9874f14b50725bbb2cb36c4816cadd85a5077917a5756acab4853427f9493bf0cb6ed14a0898b11762f93809141fe
ssdeep: 6144:dXaAYAT908PCRLwcqcWhf6VPexvowGiT7uBXPuzS4Gz8k87CT3:dX1JPCaj5QPWDMu+4t7Cj
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T12B4423AC53CE8980CE9236766FCB5325B278D342CD15EAADCA482C464F77F872E415D4
sha3_384: 6529eba000bda8452ad93c4cb21a1b1efac34bb25844a9de51436331634607b18777db29b1ae5e29ae99b603d9dc7884
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-06 15:24:55

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: test5.exe
LegalCopyright:  
OriginalFilename: test5.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.3228395977 also known as:

Lionic	Trojan.MSIL.Phny.j!c
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop19.12583
MicroWorld-eScan	Trojan.GenericKD.47580513
McAfee	Artemis!E00A4941039E
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058970e1 )
Alibaba	Ransom:MSIL/Pucrpt.f164854a
K7GW	Trojan ( 0058970e1 )
Cybereason	malicious.a063a4
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/Kryptik.ADGR
TrendMicro-HouseCall	Ransom_Phny.R002C0DL621
Paloalto	generic.ml
ClamAV	Win.Packed.njRAT-7474448-0
Kaspersky	HEUR:Trojan-Ransom.MSIL.Phny.gen
BitDefender	Trojan.GenericKD.47580513
Avast	Win64:DropperX-gen [Drp]
Tencent	Msil.Trojan.Phny.Afha
Ad-Aware	Trojan.GenericKD.47580513
Emsisoft	Trojan.GenericKD.47580513 (B)
TrendMicro	Ransom_Phny.R002C0DL621
McAfee-GW-Edition	Artemis!Trojan
FireEye	Generic.mg.e00a4941039ec630
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	MSIL.Backdoor.Bladabindi.U9YWWG
Webroot	W32.Dropper.Gen
Avira	HEUR/AGEN.1122383
MAX	malware (ai score=81)
Arcabit	Trojan.Generic.D2D60561
Microsoft	VirTool:Win32/Pucrpt.B!MTB
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4623747
VBA32	TrojanRansom.MSIL.Phny
ALYac	Trojan.GenericKD.47580513
Malwarebytes	Malware.AI.3228395977
APEX	Malicious
Ikarus	Trojan.MSIL.Krypt
Fortinet	MSIL/Kryptik.ADGR!tr
AVG	Win64:DropperX-gen [Drp]
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Malware.AI.3228395977?

Malware.AI.3228395977 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X