About the “Malware.AI.3385387844” infection

Malware Removal

Malware.AI.3385387844 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the Malware.AI.3385387844 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Expresses interest in specific running processes
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Attempts to disable or modify Explorer Folder Options
  • Attempts to disable System Restore
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Malware.AI.3385387844?

File Info:

name: AA655D0F1AC3164F6395.mlw
path: /opt/CAPEv2/storage/binaries/c22789c6505fe7978664b80a83d4d7269c00410198696f8d7d989b70b905e51e
crc32: 5475B024
md5: aa655d0f1ac3164f6395a61eaa5005c8
sha1: 00068f24036380e62369bd20e1182d24faf44d2e
sha256: c22789c6505fe7978664b80a83d4d7269c00410198696f8d7d989b70b905e51e
sha512: d1f5e4c96fca608f293519efcbe9003cdb2e32cbd94f6479c43772c2eadbf44886061795d9099b535f1eb6067e6d75344c650549c6279b0c7326088ce5ce30e4
ssdeep: 1536:yOcjUpkWb2TTghpwukOcjUpkWb2TTghpwuh:yOcjWJuutkOcjWJuuth
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C8939D037B17E00DF624C9395A0641AD63857EA18E037E6BA2253E7B3E375C62E47732
sha3_384: 2c9774b294dd78866da568264e65e6161d1d8a7658d4abe4dcb48e86b23ab11037b2f7a4646f3e22886786b526ddb770
ep_bytes: 60be007041008dbe00a0feff5783cdff
timestamp: 2006-07-15 11:26:47

Version Info:

Translation: 0x0409 0x04b0
ProductName: 4k51k4
FileVersion: 1.12.1985
ProductVersion: 1.12.1985
InternalName: 4K51K4
OriginalFilename: 4K51K4.exe

Malware.AI.3385387844 is also known as (vendor: detection name):

  • Bkav: W32.AIDetect.malware2
  • Elastic: malicious (high confidence)
  • Cynet: Malicious (score: 100)
  • FireEye: Generic.mg.aa655d0f1ac3164f
  • CAT-QuickHeal: Worm.Ludbaruma.A3
  • ALYac: Gen:Trojan.Heur.fmNfrfA5ltpib
  • Cylance: Unsafe
  • Zillya: Worm.Brontok.Win32.1192
  • CrowdStrike: win/malicious_confidence_100% (W)
  • K7GW: Trojan ( 0040f6141 )
  • K7AntiVirus: Trojan ( 0040f6141 )
  • Baidu: Win32.Worm.VB.k
  • Cyren: W32/A-b40369a2!Eldorado
  • Symantec: Trojan Horse
  • ESET-NOD32: a variant of Win32/VB.ET
  • APEX: Malicious
  • ClamAV: Legacy.Trojan.Agent-1388589
  • Kaspersky: Email-Worm.Win32.Brontok.w
  • BitDefender: Gen:Trojan.Heur.fmNfrfA5ltpib
  • NANO-Antivirus: Trojan.Win32.Brontok.eultyo
  • SUPERAntiSpyware: Worm.Brontok
  • MicroWorld-eScan: Gen:Trojan.Heur.fmNfrfA5ltpib
  • Avast: Win32:Brontok-BY [Wrm]
  • Tencent: Worm.Win32.Brontok.d
  • Ad-Aware: Gen:Trojan.Heur.fmNfrfA5ltpib
  • Emsisoft: Gen:Trojan.Heur.fmNfrfA5ltpib (B)
  • Comodo: TrojWare.Win32.Regrun.Q@1gs3xh
  • DrWeb: Win32.HLLM.Generic.411
  • VIPRE: Trojan.Win32.Generic!BT
  • TrendMicro: WORM_BRONTOK.W
  • McAfee-GW-Edition: BehavesLike.Win32.YahLover.nh
  • Sophos: ML/PE-A + Mal/VB-F
  • SentinelOne: Static AI – Malicious PE
  • GData: Gen:Trojan.Heur.fmNfrfA5ltpib
  • Jiangmin: Worm/Brontok.kd
  • Avira: WORM/Brontok.W.2
  • MAX: malware (ai score=81)
  • Antiy-AVL: Trojan/Generic.ASMalwS.9652B5
  • Kingsoft: Heur.SSC.2773342.1216.(kcloud)
  • ViRobot: I-Worm.Win32.A.Brontok.93802[UPX]
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • AhnLab-V3: Worm/Win32.VB.R42952
  • McAfee: W32/YahLover.worm.gen.b
  • VBA32: Worm.Brontok
  • Malwarebytes: Malware.AI.3385387844
  • TrendMicro-HouseCall: WORM_BRONTOK.W
  • Rising: Worm.VBInjectEx!1.99E6 (CLASSIC)
  • Yandex: I-Worm.Brontok!4gJwN60hfZM
  • Ikarus: Trojan.Win32.KillAV
  • eGambit: Unsafe.AI_Score_97%
  • Fortinet: W32/Brontok.W!worm
  • BitDefenderTheta: AI:Packer.713B26661D
  • AVG: Win32:Brontok-BY [Wrm]
  • Cybereason: malicious.f1ac31
  • Panda: Trj/Vilsel.AF
  • MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.3385387844?

Malware.AI.3385387844 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.