Malware.AI.3249646718 removal tips

Malware.AI.3249646718 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3249646718 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

Related domains:

wpad.local-net

How to identify Malware.AI.3249646718?


File Info:

name: AA9E1C8E7B41397DE320.mlw
path: /opt/CAPEv2/storage/binaries/71c4ebe7a445d904dc9966070add671751935f18fb84a1ddfc6e0aa25bdddbe3
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2021-08-01 13:58:02

Version Info:

0: [No Data]

Malware.AI.3249646718 also known as:

Lionic: Trojan.Win32.Rozena.4!c
MicroWorld-eScan: Trojan.GenericKD.37332563
FireEye: Generic.mg.aa9e1c8e7b41397d
McAfee: Artemis!AA9E1C8E7B41
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Trojan ( 0057fa291 )
Alibaba: Trojan:Win64/Rozena.ffe16686
K7GW: Trojan ( 0057fa291 )
CrowdStrike: win/malicious_confidence_60% (W)
Cyren: W64/Autorun.EO.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win64/Rozena.KZ
TrendMicro-HouseCall: TROJ_GEN.R002H0CH421
BitDefender: Trojan.GenericKD.37332563
Avast: Win64:MalwareX-gen [Trj]
Tencent: Win32.Trojan.Generic.Loru
Ad-Aware: Trojan.GenericKD.37332563
Emsisoft: Trojan.GenericKD.37332563 (B)
McAfee-GW-Edition: Artemis
Sophos: Mal/Generic-S
Ikarus: Trojan.Win64.Rozena
GData: Trojan.GenericKD.37332563
Avira: TR/Rozena.snnvb
MAX: malware (ai score=88)
Arcabit: Trojan.Generic.D239A653
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.37332563
Malwarebytes: Malware.AI.3249646718
Yandex: Trojan.Rozena!DeoGUWb89gw
Fortinet: W64/Rozena.KZ!tr
AVG: Win64:MalwareX-gen [Trj]

How to remove Malware.AI.3249646718?

Malware.AI.3249646718 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
