Malware.AI.3357936832 removal tips

Many security experts consider Malware.AI.3357936832 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3357936832 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Installs itself for autorun at Windows startup

How to identify Malware.AI.3357936832?


File Info:

name: C57A384B340E22B4F83D.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2004-06-04 14:13:22

Version Info:

CompanyName: Khz Leak
FileDescription: Growl Page Idly
FileVersion: 70.93.26.105
InternalName: Font
LegalCopyright: Copyright © Anal Quips 2000-2007
OriginalFilename: Foam.exe
ProductName: Wagon
ProductVersion: 70.93.26.105
Translation: 0x0409 0x04b0

Malware.AI.3357936832 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.lsFf
Elastic: malicious (high confidence)
DrWeb: Trojan.Winlock.3445
MicroWorld-eScan: Trojan.Generic.6234539
FireEye: Generic.mg.c57a384b340e22b4
ALYac: Trojan.Generic.6234539
Cylance: Unsafe
Zillya: Trojan.PornoAsset.Win32.224
Sangfor: Trojan.Win32.Generic.ky
K7AntiVirus: Trojan ( 0055e4091 )
Alibaba: Ransom:Win32/Trasbind.4e23adc2
K7GW: Trojan ( 0055e4091 )
Cybereason: malicious.b340e2
BitDefenderTheta: Gen:NN.ZexaF.34212.bmKfamoHvbni
Symantec: Trojan.Ransomlock!gen4
ESET-NOD32: Win32/LockScreen.AGD
TrendMicro-HouseCall: TROJ_FRS.0NA103BL20
Paloalto: generic.ml
ClamAV: Win.Trojan.Pornoasset-584
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Generic.6234539
NANO-Antivirus: Trojan.Win32.PornoAsset.dqkwe
Tencent: Win32.Trojan.Lockscreen.Sxxy
Ad-Aware: Trojan.Generic.6234539
TACHYON: Trojan/W32.PornoAsset.146432.B
Emsisoft: Trojan.Generic.6234539 (B)
Comodo: Malware@#pl2icqxnwnrk
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_FRS.0NA103BL20
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Zbot-CX
Jiangmin: Trojan/PornoAsset.eb
Webroot: W32.Rogue.Pornoasset.Gen
Avira: TR/Crypt.ULPM.Gen
Gridinsoft: Ransom.Win32.Zbot.sa
ViRobot: Trojan.Win32.Z.Pornoasset.26112.A
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Generic.6234539
Cynet: Malicious (score: 100)
McAfee: Artemis!C57A384B340E
MAX: malware (ai score=100)
VBA32: Hoax.PornoAsset
Malwarebytes: Malware.AI.3357936832
APEX: Malicious
Rising: Trojan.Generic!8.C3 (CLOUD)
Yandex: Trojan.LockScreen!qxQNEtFsINY
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.2401760.susgen
Fortinet: W32/Yakes.B!tr
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.3357936832?

Malware.AI.3357936832 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
