Should I remove “Malware.AI.3283516628”?

Malware.AI.3283516628 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3283516628 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Possible date expiration check, exits too soon after checking local time
  • Unconventional language used in binary resources: Korean

How to identify Malware.AI.3283516628?


File Info:

name: 62AF8A8AD04A8754D252.mlw
path: /opt/CAPEv2/storage/binaries/851683ff40b9c935f6e91a752af2248f559d8c496a78a2a61b48f3514bbf3d9e
crc32: EDA8C664
md5: 62af8a8ad04a8754d252eedab4c47b5e
sha1: 2d7129b33c56bb5a601d238479dfdaf8523f171f
sha256: 851683ff40b9c935f6e91a752af2248f559d8c496a78a2a61b48f3514bbf3d9e
sha512: b4376f5081e9fb4e56b5393692b7ce12b6fe1425282d24ad365f62c649c882f6949cfe639dd36d1eb1e6142bf24580012a0754b53892a9016372c8724f5cd44e
ssdeep: 98304:Pl4IhsDGguiTibd+l0laEbP/ErMs/IDYCWWbRZNQPkaH:WIhh24aQxW2ZNQP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16DF58E21BD5048B6FE2302318988F674F6EDA5F45BF541C772786B3C6A35893DA2C12B
sha3_384: f0f802e7da6df7e030f09df23a9e219e438b0bfbebe5e213cc3ae158a13f84274b571e6fb756b9019b8221ce7bacc988
ep_bytes: e8e50d0000e935feffffc20000558bec
timestamp: 2021-08-09 02:25:39

Version Info:

Comments:
CompanyName:
FileDescription:
FileVersion: 1, 0, 0, 1
InternalName: ngpup
LegalCopyright: Copyright (C) 2017
LegalTrademarks:
OriginalFilename: ngpup.EXE
PrivateBuild:
ProductName:
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0412 0x04b0

Malware.AI.3283516628 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Malwarebytes: Malware.AI.3283516628
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Sabsik.FL
Cyren: W32/Trojan.MSZC-8642
Symantec: ML.Attribute.HighConfidence
Avast: Win32:DangerousSig [Trj]
Sophos: Mal/Generic-S (PUA)
McAfee-GW-Edition: GenericRXPO-EO!62AF8A8AD04A
Ikarus: Trojan.Win32
Antiy-AVL: Trojan/Generic.ASMalwS.350ABD7
ViRobot: Trojan.Win32.Z.Agent.3374464
Microsoft: Trojan:Win32/Sabsik.FL.A!ml
AhnLab-V3: PUP/Win.Generic.R462390
McAfee: GenericRXPO-EO!62AF8A8AD04A
VBA32: BScope.Trojan.Adkor
Cylance: Unsafe
MaxSecure: Trojan.Malware.120644983.susgen
Fortinet: PossibleThreat.MU
AVG: Win32:DangerousSig [Trj]
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Malware.AI.3283516628?

Malware.AI.3283516628 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.