What is “Malware.AI.3284540609”?

The Malware.AI.3284540609 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3284540609 virus can do?

Sample contains Overlay data
Presents an Authenticode digital signature
The binary contains an unknown PE section name indicative of packing

How to determine Malware.AI.3284540609?


File Info:
name: 5DE9E561E71F18984960.mlw
path: /opt/CAPEv2/storage/binaries/4c6571f9794238977f58db5e8ba3cc21116c22cb37f83a9847e0e75122fe1ec7
crc32: EC569515
md5: 5de9e561e71f1898496067389592fe4e
sha1: 847298c2207460a65756002eb7a5ddf04c11d4f1
sha256: 4c6571f9794238977f58db5e8ba3cc21116c22cb37f83a9847e0e75122fe1ec7
sha512: abf24f0eb03eca835ac605d4b04aaef8030239574444348afb091da86396dbfe0167ba007b882617e5aed6c80903cb86f9e676352cd0a06acc8f2bdc641b6ec9
ssdeep: 3072:VUJqlEiFPFFy5N/oLlCbkahiASzVL+yikNMca7HAJM:VLFON/bkahCMAJM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T194F37B2174C1C873D8B7193158F8DA726E7CF9315F744AEB639807BA5F201C0AA39A67
sha3_384: 381b88664c85826a38f8b22a063a703e462b75cbb330164da0f266e7e7db0a93931aaf4f8aaf0beae18b2aeec0814a94
ep_bytes: e8cd050000e98efeffffff25c0c24100
timestamp: 2019-11-13 05:57:03

Version Info:
FileVersion: 12.1.1
ProductVersion: 12.2.2
Translation: 0x0409 0x04b0

Malware.AI.3284540609 also known as:

Lionic	Trojan.Win32.Agent.4!c
Elastic	malicious (high confidence)
DrWeb	BackDoor.Siggen2.3027
MicroWorld-eScan	Trojan.GenericKD.68257592
FireEye	Generic.mg.5de9e561e71f1898
McAfee	Artemis!5DE9E561E71F
Malwarebytes	Malware.AI.3284540609
Zillya	Trojan.BalkanDoor.Win32.4
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 00559c1b1 )
Alibaba	Trojan:Win32/BalkanDoor.2ddc28bf
K7GW	Trojan ( 00559c1b1 )
Cybereason	malicious.1e71f1
BitDefenderTheta	Gen:NN.ZexaCO.36348.jC2@aKDXVuki
VirIT	Trojan.Win32.Genus.IHW
Symantec	ML.Attribute.HighConfidence
Zoner	Trojan.Win32.85524
Cynet	Malicious (score: 99)
BitDefender	Trojan.GenericKD.68257592
NANO-Antivirus	Trojan.Win32.BalkanDoor.ghtqac
Avast	Win32:DangerousSig [Trj]
Sophos	Troj/Balkan-A
F-Secure	Trojan.TR/Redcap.oleyo
VIPRE	Trojan.GenericKD.68257592
TrendMicro	TROJ_GEN.R002C0RGF23
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	MalCert-S.AP (A)
Jiangmin	Trojan.Agent.cllm
Avira	TR/Redcap.oleyo
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Tiggre
Xcitium	Malware@#15ypb52ynsppc
Arcabit	Trojan.Generic.D4118738
ZoneAlarm	Trojan.Win32.Agent.xacloo
GData	Trojan.GenericKD.68257592
Google	Detected
VBA32	Trojan.Agent
ALYac	Trojan.GenericKD.68257592
Cylance	unsafe
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0RGF23
Tencent	Malware.Win32.Gencirc.1159a832
Yandex	Trojan.BalkanDoor!Bvxg0RI4b3Q
Ikarus	Trojan.Win32.Balkandoor
MaxSecure	Trojan.Malware.74696440.susgen
Fortinet	W32/BalkanDoor.C!tr
AVG	Win32:DangerousSig [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3284540609?

Malware.AI.3284540609 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X