Malware.AI.3293824941 (file analysis)

The Malware.AI.3293824941 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3293824941 virus can do?

Creates RWX memory
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.3293824941?


File Info:
name: 1FBB0FF7ED3D4E745608.mlw
path: /opt/CAPEv2/storage/binaries/54e24835adc56d271b442d0dfd552408867b5a5582226ec6b09622c743fe4a2d
crc32: 650DB233
md5: 1fbb0ff7ed3d4e74560874c0653ca74a
sha1: 01bf6d5750c3df1d5e29f19beb9e3174cc3868cb
sha256: 54e24835adc56d271b442d0dfd552408867b5a5582226ec6b09622c743fe4a2d
sha512: 88ae701d74765580a775b097f714d55eb4a00597505117707906e4cfc4b0d63312c6560cd744a19285ec524d0143027c8589802f87c69ec733bf6fa2310aa357
ssdeep: 49152:RLjZF/Qr+DD4STmPBGFz70yHd88+dzmjX1ZlYySnUeOJbuNdT463RwY0Tm+yAOVP:r2KkGF188+dzmjXqwJbuNdkywaF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F0166C23B284A53ED06B0F7A883BA658583F7F6139268C5F5BF4284C4F75581393B64B
sha3_384: 6fbb0ccd4ca527e8b390d6080a5246d2dc2a33d95739d2e2819f388af121cfd1a4699ced465d88efe99b5f805e4788f2
ep_bytes: 558bec83c4f0b86c7f7700e83cd6c8ff
timestamp: 2017-12-18 11:37:33

Version Info:
0: [No Data]

Malware.AI.3293824941 also known as:

Lionic	Trojan.Win32.Delf.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.6309815
FireEye	Generic.mg.1fbb0ff7ed3d4e74
CAT-QuickHeal	Ransomware.Generic.ZZ5
McAfee	Artemis!1FBB0FF7ED3D
Malwarebytes	Malware.AI.3293824941
Zillya	Downloader.Delf.Win32.61182
Sangfor	Trojan.Win32.Delf.CGV
K7AntiVirus	Trojan-Downloader ( 005202de1 )
Alibaba	TrojanDownloader:Win32/Generic.9358c2e6
K7GW	Trojan-Downloader ( 005202de1 )
Cybereason	malicious.7ed3d4
BitDefenderTheta	AI:Packer.7322707318
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/TrojanDownloader.Delf.CGV
APEX	Malicious
BitDefender	Trojan.GenericKD.6309815
NANO-Antivirus	Trojan.Win32.Delf.ewempo
Avast	Win32:Malware-gen
Ad-Aware	Trojan.GenericKD.6309815
Emsisoft	Trojan.GenericKD.6309815 (B)
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0GLA21
McAfee-GW-Edition	BehavesLike.Win32.Generic.rh
Sophos	Mal/Generic-S
Ikarus	Trojan-Downloader.Win32.Delf
Avira	HEUR/AGEN.1105237
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Trojan.GenericKD.6309815
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.Generic.C2392232
VBA32	TScope.Trojan.Delf
ALYac	Trojan.GenericKD.6309815
MAX	malware (ai score=87)
Cylance	Unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0GLA21
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Delf.CGV!tr.dldr
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3293824941?

Malware.AI.3293824941 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X