Malware.AI.3379067412 information

Malware.AI.3379067412 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3379067412 virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventionial language used in binary resources: Serbian (Cyrillic)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3379067412?

File Info:

name: 79D48F6515B926D88D24.mlw
path: /opt/CAPEv2/storage/binaries/7b184ebaf99fbbd0ee262a15bb73a881020e563e6c1e0c7a2a7f28d0034e83ac
crc32: 9CB91485
md5: 79d48f6515b926d88d241c12ba0ba5a8
sha1: 45398881d4b96c6cf88c8284f764a0cbdf926a1a
sha256: 7b184ebaf99fbbd0ee262a15bb73a881020e563e6c1e0c7a2a7f28d0034e83ac
sha512: 43c1413802ee17eb1f04557e4d7a83b481e502836aa747e90882d942151c94a46aea3615054a9cd4e85e5e77ca7d7d39e2a7d6f586eae99cb3a652ce34c706ea
ssdeep: 49152:7QdF22vvFD4or/wp5hlO9nrTRVBFZ47t0PulLE9G80vEP0kU8cjhO49obekieTHe:2F2ivFhjhVBrPiLN8E4Bct79ole
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16D266B02B6E69024F2F75730AD3C57290E767E559FB9C5EF924428C81DB06E0B9307AB
sha3_384: 1170944ce7a4e9e3856355492fbc568ff94268d3a2c6c4d60383e776b0838e8c56273d08e80f1d3e29ee41c557991a3c
ep_bytes: e87c050000e98efeffffa1f4ca440053
timestamp: 2019-08-06 05:00:00

Version Info:

LegalCopyright: Copyright Opera Software 2019
InternalName: Opera
FileVersion: 62.0.3331.116
CompanyName: Opera Software
ProductName: Opera Installer
ProductVersion: 62.0.3331.116
FileDescription: Opera Installer
Translation: 0x0409 0x04b0

Malware.AI.3379067412 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
Skyhigh: PolyPatch-UPX
McAfee: PolyPatch-UPX
Malwarebytes: Malware.AI.3379067412
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce41 )
K7GW: Trojan ( 004bcce41 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: ML.Attribute.HighConfidence
Cynet: Malicious (score: 100)
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Microsoft: Program:Win32/Wacapew.C!ml
Google: Detected
AhnLab-V3: Malware/Win32.Generic.C3380364
Rising: Trojan.Generic@AI.87 (RDML:+B/ajCgdHAOZHF/8SKhOuA)
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.1912505.susgen
DeepInstinct: MALICIOUS

How to remove Malware.AI.3379067412?

Malware.AI.3379067412 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.