Malware.AI.3380407737 removal instruction

The Malware.AI.3380407737 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3380407737 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary file triggered YARA rule
Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.3380407737?


File Info:
name: C2464EB810463B80EB09.mlw
path: /opt/CAPEv2/storage/binaries/0ba2ea18f5052254d4b6c78b696b6927c8635ca98b4508dc1e848bd841785c94
crc32: 9E85348A
md5: c2464eb810463b80eb09ca39a060f631
sha1: 56325d288624738f6f4666a5a4e4d321a68f3b52
sha256: 0ba2ea18f5052254d4b6c78b696b6927c8635ca98b4508dc1e848bd841785c94
sha512: d312b1049a35c5c1cd4d28d9797180c8a60eabd7c42d38a8bcbd6616eb8ff1d3f9c085326df41d010f35a0820d26c21be2092abce3df3e036d5bdeaef6a4057a
ssdeep: 24576:ZCdxte/80jYLT3U1jfsWazlZkauvQxMLsyP41cQ:ow80cTsjkWaz+jTPk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D535AE2273DDC360CB669573FF69B7016EBB7C750630F85B2F880DB9A950161262C6A3
sha3_384: d2093f231b9f3cda8a43f79d8c181d8794dac31b35188cd3260d64e904fde0db19d8bddb8beeb3c3003b708a3ac1ce32
ep_bytes: e8b8d00000e97ffeffffcccccccccccc
timestamp: 2020-02-05 12:05:39

Version Info:
CompanyName: Rifbot
FileDescription: Rifbot
FileVersion: 1.5.9
LegalCopyright: © Rifbot
LegalTrademarks: Trademark Rifbot'
OriginalFilename: Rifbot.exe
ProductName: Rifbot
ProductVersion: 1.5.9
Translation: 0x0809 0x04b0

Malware.AI.3380407737 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Nymeria.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	AIT:Trojan.Nymeria.740
FireEye	AIT:Trojan.Nymeria.740
Skyhigh	BehavesLike.Win32.TrojanAitInject.tc
McAfee	Artemis!C2464EB81046
Cylance	unsafe
Sangfor	Trojan.Win32.Agent.Vgec
Cybereason	malicious.810463
BitDefenderTheta	AI:Packer.090BC26D16
APEX	Malicious
BitDefender	AIT:Trojan.Nymeria.740
Sophos	Mal/Generic-S
VIPRE	AIT:Trojan.Nymeria.740
Emsisoft	AIT:Trojan.Nymeria.740 (B)
MAX	malware (ai score=80)
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	AIT:Trojan.Nymeria.740 [many]
GData	AIT:Trojan.Nymeria.740 (2x)
Varist	W32/AutoIt.QZ.gen!Eldorado
VBA32	Trojan.Autoit.F
ALYac	AIT:Trojan.Nymeria.740
Malwarebytes	Malware.AI.3380407737
TrendMicro-HouseCall	TROJ_GEN.R002H09AG24
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.73440315.susgen
Fortinet	W32/PossibleThreat
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Malware.AI.3380407737?

Malware.AI.3380407737 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X