Malware.AI.3374263632 removal

Malware.AI.3374263632 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3374263632 virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • CAPE detected the shellcode patterns malware family
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.3374263632?


File Info:

name: B850D64432E1BEA35DA3.mlw
path: /opt/CAPEv2/storage/binaries/afcbbb5c3e9210d66901e8e372819aa122bf0fb3318ba67d01463626d4b97817
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-05-28 09:05:18

Version Info:

CompanyName: MAGIX Computer Products Intl. Co.
LegalCopyright: Copyright (c) 2016 MAGIX Software GmbH. All rights reserved.
ProductName: VEGAS Pro
FileVersion: 14.0.0.211
OriginalFilename: VEGAS140.EXE
FileDescription: VEGAS Pro
InternalName: VEGAS140.EXE
ProductVersion: 14.0.0.211
Created: 7z SFX Constructor v4.6.0.0 (http://usbtor.ru/viewtopic.php?t=798)
Builder: ahileeeeeess 12:09:41 28/01/2024
Translation: 0x0000 0x04b0

Malware.AI.3374263632 also known as:

ClamAV: Win.Malware.7zip-10013374-0
Skyhigh: BehavesLike.Win32.Dropper.rc
McAfee: Artemis!B850D64432E1
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vby8
CrowdStrike: win/malicious_confidence_100% (W)
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Packed.7Zip.AI
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Dropper.Win32.Agent.tfqfas
Tencent: Win32.Trojan-Dropper.Agent.Wimw
F-Secure: Trojan.TR/Drop.Agent.imtrc
Sophos: Mal/Generic-S
GData: Win32.Trojan.Agent.UW31ER
Varist: W32/Bulz.BZ.gen!Eldorado
Avira: TR/Drop.Agent.imtrc
Antiy-AVL: Trojan[Packed]/Win32.7Zip
ZoneAlarm: Trojan-Dropper.Win32.Agent.tfqfas
Microsoft: Trojan:Win32/Wacatac.B!ml
Malwarebytes: Malware.AI.3374263632
Panda: Trj/Chgt.AD
Rising: Stealer.Agent/SFX!1.F3AF (CLASSIC)
Ikarus: Trojan.Win32.7zip
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Malware.AI.3374263632?

Malware.AI.3374263632 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.