Malware.AI.3385696161 removal guide

The Malware.AI.3385696161 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3385696161 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.3385696161?


File Info:
name: 9BF1A5CB5B81E7652F72.mlw
path: /opt/CAPEv2/storage/binaries/636e7a9cdaaef762e57485b73f3a1e9d06882bdcde562980f86a08517ef476ad
crc32: BAA2A79B
md5: 9bf1a5cb5b81e7652f72f83b6cbf43c7
sha1: ec849bb70421767edd640001daa073eafb2beb7e
sha256: 636e7a9cdaaef762e57485b73f3a1e9d06882bdcde562980f86a08517ef476ad
sha512: df00d6778ada900850250cb609e943ac23ccf24d108005f31f951e7a68a33ced45c869d50e570d4c9515a384a3347735c084071f8acbbf5d2c31f9fcfe07f209
ssdeep: 24576:sH4N+5oLL0F3sEIcKBJK8BpYyhGsOa/IDQyxUM8a2eZjc:sH4N3UFxIPA8ByyhTwM/M/XZw
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T17A355A52FAA390B2DC4B01B25646F26F5B21E611C824DECBFADC0D5DEF334A1661D362
sha3_384: 657b8865235c39a9f3c00c90311db771df99e8af5ad0432cabb74ba75b9b086c37120e5d697af85849e96e00abf8eaf7
ep_bytes: 5589e583ec18c7042401000000ff15b0
timestamp: 2009-12-04 13:35:59

Version Info:
0: [No Data]

Malware.AI.3385696161 also known as:

Lionic	Virus.Win32.Virut.n!c
MicroWorld-eScan	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
FireEye	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
ALYac	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
Cylance	Unsafe
VIPRE	Virus.Win32.Virut.ce.6 (v)
CrowdStrike	win/malicious_confidence_80% (W)
Alibaba	Virus:Win32/Virut.87b75a9b
Cyren	W32/Virut.AM.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
BitDefender	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	Win32:Patched-AJW [Trj]
Tencent	Virus.Win32.Virut.ua
Ad-Aware	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
Emsisoft	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb (B)
McAfee-GW-Edition	BehavesLike.Win32.Virus.th
Sophos	Generic PUA OM (PUA)
Ikarus	Virus.Win32.Virut
GData	Gen:Malware.Heur.1.!copidmbe!.dHW@bun4upb
Jiangmin	Win32/Virut.bv
Avira	W32/Patched.Ren.Gen9
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
McAfee	Artemis!9BF1A5CB5B81
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.3385696161
TrendMicro-HouseCall	TROJ_GEN.R002H0CL121
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/PossibleThreat
BitDefenderTheta	Gen:NN.ZexaF.34062.dHW@aun4upb
AVG	Win32:Patched-AJW [Trj]
Cybereason	malicious.b5b81e

How to remove Malware.AI.3385696161?

Malware.AI.3385696161 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X