Malware.AI.3385402391 removal instruction

Malware.AI.3385402391 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3385402391 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Checks for the presence of known windows from debuggers and forensic tools
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Malware.AI.3385402391?

File Info:

crc32: 4FA60D00
md5: b0789ac45558b2fb7dba6a009dde4af4
name: B0789AC45558B2FB7DBA6A009DDE4AF4.mlw
sha1: fda67d489ae57a9586370262356e77bcea14d310
sha256: dd2a946d98004586e9bbdff4c1ebed73cd6bd48bb69c7ef63044ed69a9cdadf5
sha512: 22821ecdd6453abd380256d929ea61de92dacb25762013720806af7a7d05128d9dc1dab8f90abbc47501181924632a6dd181a1740c76c101152b8e0c653b7038
ssdeep: 24576:UnRO61axwe5a5KhPbGQXaPxb6r7klUObrantF3XfWrDzJrPg6wYTU:UnRO6omew5KhPbGQXsxbqklUOb2nXfkW
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: VodaFoNE
InternalName: Dishclout
FileVersion: 1.00.0008
LegalTrademarks: Disc soft LTD
Comments: AhnLAB, Inc.
ProductName: Vortex teaM
ProductVersion: 1.00.0008
FileDescription: xamaSOft
OriginalFilename: Dishclout.exe

Malware.AI.3385402391 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Heur.PonyStealer.in0@d4Dkbwji
FireEye: Generic.mg.b0789ac45558b2fb
McAfee: Packed-MI!B0789AC45558
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: P2PWorm ( 004cd22c1 )
BitDefender: Gen:Heur.PonyStealer.in0@d4Dkbwji
K7GW: P2PWorm ( 004cd22c1 )
Cybereason: malicious.45558b
BitDefenderTheta: Gen:NN.ZevbaF.34804.in0@a4Dkbwji
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.VBKrypt.xlbe
NANO-Antivirus: Trojan.Win32.VBKrypt.ercyyl
Tencent: Win32.Trojan.Vbkrypt.Pdca
Ad-Aware: Gen:Heur.PonyStealer.in0@d4Dkbwji
Emsisoft: Gen:Heur.PonyStealer.in0@d4Dkbwji (B)
F-Secure: Heuristic.HEUR/AGEN.1128740
Zillya: Trojan.VBKrypt.Win32.272405
TrendMicro: TrojanSpy.Win32.LOKI.SM.hp
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.tc
Sophos: ML/PE-A + Mal/FareitVB-M
Ikarus: Worm.Win32.AutoRun
eGambit: Unsafe.AI_Score_99%
Avira: HEUR/AGEN.1128740
Antiy-AVL: Trojan/Win32.VBKrypt
Microsoft: VirTool:Win32/VBInject.OW!bit
Arcabit: Trojan.PonyStealer.E9D407
ZoneAlarm: Trojan.Win32.VBKrypt.xlbe
GData: Gen:Heur.PonyStealer.in0@d4Dkbwji
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/VBKrypt.RP.X1764
VBA32: Trojan.VBKrypt
ALYac: Gen:Heur.PonyStealer.in0@d4Dkbwji
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.3385402391
Panda: Trj/GdSda.A
ESET-NOD32: Win32/AutoRun.Delf.LV
TrendMicro-HouseCall: TrojanSpy.Win32.LOKI.SM.hp
Rising: Trojan.Injector!1.B459 (CLASSIC)
Yandex: Trojan.GenAsa!a9Z6JIQjhrw
SentinelOne: Static AI – Malicious PE
Fortinet: W32/GenKryptik.ALGE!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Win32/Trojan.775

How to remove Malware.AI.3385402391?

Malware.AI.3385402391 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
