Malware.AI.3361496559 (file analysis)

The Malware.AI.3361496559 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3361496559 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.3361496559?


File Info:
name: EACF90F0A7FF63B8E8D5.mlw
path: /opt/CAPEv2/storage/binaries/e2ed257be12912bfcedab5dd56187e43b14ffbb323ddf64e155cec1ee5a280ce
crc32: 1CDE3ABE
md5: eacf90f0a7ff63b8e8d54dca30f08124
sha1: 803b245576f350528e3c24d27e19e9ac68d2dd57
sha256: e2ed257be12912bfcedab5dd56187e43b14ffbb323ddf64e155cec1ee5a280ce
sha512: 845fc062502844349c72a65f904f69921bfc7f71bd60d44edb3b1a3b0567a84fce2f4d3b3c69edbfcf39e984aa3d7b326f50c4f61ffa05595cc12e26a06edefb
ssdeep: 3072:Y6vDR2KrO2nyhOjh0aylE5gVKVWa2BReelu6G3M32UCGK:Yck2nyhPameelG31U
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BA542913B3EB94ADD9B376B50EEAC366D733B9188723811F32D51A6FDE119404E22271
sha3_384: da083b49ebd7b26921fc9a1d0a395d411230155b78f72d514e459b2dd2c5ca3697e9e509a770ec8365821d3c4258a699
ep_bytes: 60be000047008dbe0010f9ff57eb0b90
timestamp: 2010-04-16 07:47:33

Version Info:
0: [No Data]

Malware.AI.3361496559 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Fragtor.4!c
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Fragtor.158122
FireEye	Generic.mg.eacf90f0a7ff63b8
ALYac	Gen:Variant.Fragtor.158122
Cylance	unsafe
VIPRE	Gen:Variant.Fragtor.158122
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Fragtor.158122
Avast	Win32:Malware-gen
Emsisoft	Gen:Variant.Fragtor.158122 (B)
McAfee-GW-Edition	BehavesLike.Win32.RealProtect.dz
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Fragtor.158122
Antiy-AVL	Trojan/Win32.SGeneric
Xcitium	TrojWare.Win32.Downloader.Generic.jiu@2q2u5s
Arcabit	Trojan.Fragtor.D269AA
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win32.Phires.R1344
McAfee	Artemis!EACF90F0A7FF
MAX	malware (ai score=87)
Malwarebytes	Malware.AI.3361496559
TrendMicro-HouseCall	TROJ_GEN.R002H0CH223
Ikarus	Trojan.Autoit
Fortinet	W32/ULPM.16C0!tr
BitDefenderTheta	Gen:NN.ZexaF.36348.rmW@aG5Nvshi
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.3361496559?

Malware.AI.3361496559 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X