
Malware.AI.3437349055 (file analysis)


Malware.AI.3437349055 is the name under which Malwarebytes detects this sample; most other engines (see the detection list below) classify the same file as a Trojan downloader of the Upatre (also called Waski) family, i.e. a small stub whose job is to fetch and run further payloads. While it is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial lets you run a full scan and clean your PC.
6-day free trial available.

What can Malware.AI.3437349055 do?

The following behaviours were flagged when the sample was run in a CAPE sandbox (the file path under File Info shows it came from a CAPEv2 storage directory). Note the second item: the sample exited shortly after reading the local time, so a single sandbox run may not show everything the downloader does.

  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Anomalous binary characteristics

How to identify Malware.AI.3437349055?


File Info (from the CAPEv2 sandbox report; the timestamp is the PE header compile time, which the author can set to any value):

name: C80370F697F6C01A3E0E.mlw
path: /opt/CAPEv2/storage/binaries/dba5e71a2077ee2c9f1630560862633c55bf606ff4ca70a8448ff17ec4acab49
crc32: 0B8137B6
md5: c80370f697f6c01a3e0ee1a39d44127f
sha1: e459fb278bef35b7e4422a28a1cb1d50f0fd2a39
sha256: dba5e71a2077ee2c9f1630560862633c55bf606ff4ca70a8448ff17ec4acab49
sha512: 86ad11a2faa28ec51eccc3bb174a1a26af44d0db38cea79905811e3b772cab2653fd877da48745021add31226b4ab65cd5e8f855a0b179e07b34198d6b7b92ef
ssdeep: 384:lFFxBmppyRGn3SDyD+w5zYQ/T6Mgoh4YrX7G:zFxIppD+CT67oql
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E6A29490D5E2A8F6F1BAC1B155B7C9999742F82130750F3E34CC72425972287B4BAF2B
sha3_384: 0b67b0ccf8c3aecb9f22247253a7289ef145ca34368f61baecc26f3b880a6d73c22ff2623b5b31e80fc4ac96436486a5
ep_bytes: 5383c4bc54ff15102040008b742404ff
timestamp: 2011-11-26 17:37:37

Version Info:

0: [No Data]
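To check a file on your own system against the indicators listed above, the following script (an added example for this page, not code from the original page or from GridinSoft) recomputes the hashes and reads the compile timestamp and the 16 entry-point bytes straight from the PE headers, so the result can be compared with the md5/sha1/sha256/sha512/crc32, ep_bytes and timestamp values in File Info. It assumes a PE32 file, as the page's "type" line states; ssdeep and tlsh are left out because they need third-party libraries. The build_synthetic_pe helper fabricates a stand-in executable so the script runs offline; it is a constructed file, not the sample itself.

```python
"""Compare a local file with the File Info indicators on this page.

Added example; not the page's or GridinSoft's code. Hash/ep_bytes/timestamp
values are copied from the File Info section. ssdeep and tlsh are omitted
because they need third-party libraries.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info section of this page.
PAGE_IOC = {
    "md5": "c80370f697f6c01a3e0ee1a39d44127f",
    "sha1": "e459fb278bef35b7e4422a28a1cb1d50f0fd2a39",
    "sha256": "dba5e71a2077ee2c9f1630560862633c55bf606ff4ca70a8448ff17ec4acab49",
    "sha512": "86ad11a2faa28ec51eccc3bb174a1a26af44d0db38cea79905811e3b772cab26"
              "53fd877da48745021add31226b4ab65cd5e8f855a0b179e07b34198d6b7b92ef",
    "crc32": "0B8137B6",
    "ep_bytes": "5383c4bc54ff15102040008b742404ff",
    "timestamp": "2011-11-26 17:37:37",
}
# The page's timestamp expressed as a PE TimeDateStamp (seconds since 1970, UTC).
SAMPLE_TIMESTAMP = int(datetime(2011, 11, 26, 17, 37, 37, tzinfo=timezone.utc).timestamp())


def hash_bytes(data: bytes) -> dict:
    """Exact-match indicators: any single hash match identifies this very file."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",  # page lists crc32 as upper-case hex
    }


def parse_pe(data: bytes) -> dict:
    """Read the PE32 fields the page lists: compile timestamp, the 16 bytes at the
    entry point, and whether a security (Authenticode) data directory exists at all."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]             # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsections, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24                                        # optional header follows COFF header
    if struct.unpack_from("<H", data, opt_off)[0] != 0x10B:
        raise ValueError("only PE32 (the page's file type) is handled here")
    ep_rva = struct.unpack_from("<I", data, opt_off + 16)[0]    # AddressOfEntryPoint
    # Data directory 4 = IMAGE_DIRECTORY_ENTRY_SECURITY; size 0 means no signature to verify.
    _, sec_size = struct.unpack_from("<II", data, opt_off + 96 + 4 * 8)
    # Map the entry-point RVA to a file offset through the section table.
    ep_bytes = ""
    sect_off = opt_off + opt_size
    for i in range(nsections):
        _, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sect_off + 40 * i)
        if va <= ep_rva < va + max(vsize, rawsize):
            off = ep_rva - va + rawptr
            ep_bytes = data[off:off + 16].hex()
            break
    return {
        "machine": machine,
        "timestamp": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes,
        "authenticode_present": sec_size != 0,
    }


def match_indicators(data: bytes, ioc: dict = PAGE_IOC) -> dict:
    """True/False per indicator. A hash hit is conclusive; ep_bytes and timestamp
    alone only suggest a related build (same compiler/packer), not this exact file."""
    found = hash_bytes(data)
    pe = parse_pe(data)
    found["ep_bytes"] = pe["ep_bytes"]
    found["timestamp"] = pe["timestamp"]
    return {k: found.get(k) == v for k, v in ioc.items()}


def build_synthetic_pe(ep_bytes: bytes, stamp: int) -> bytes:
    """Constructed stand-in PE32 so this script runs offline; NOT the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                         # e_lfanew -> PE header at 64
    coff = struct.pack("<IHHIIIHH", 0x4550, 0x14C, 1, stamp, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                          # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)                         # Magic = PE32
    struct.pack_into("<I", opt, 16, 0x1000)                       # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                     # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)               # Section/FileAlignment
    struct.pack_into("<I", opt, 92, 16)                           # NumberOfRvaAndSizes
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (bytes(dos) + coff + bytes(opt) + text).ljust(0x200, b"\0")
    return headers + ep_bytes.ljust(0x200, b"\0")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:  # no file given: demonstrate on the constructed stand-in
        blob = build_synthetic_pe(bytes.fromhex(PAGE_IOC["ep_bytes"]), SAMPLE_TIMESTAMP)
    for key, hit in match_indicators(blob).items():
        print(f"{key:9} {'MATCH' if hit else 'no match'}")
```

Run it as `python check_sample.py suspect.exe` (file names are placeholders). If any hash matches, the file is the sample analysed on this page; if only ep_bytes and timestamp match, treat the file as a possibly related build and submit it for analysis rather than assuming it is clean.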

Malware.AI.3437349055 is the Malwarebytes name; other engines detect the same file under the names below. Most family names point to the Upatre/Waski downloader (also labelled Bublik by several engines), while the BitDefender-engine products label it Trojan.CryptoLocker.D:

Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoad3.28161
MicroWorld-eScan: Trojan.CryptoLocker.D
FireEye: Generic.mg.c80370f697f6c01a
CAT-QuickHeal: TrojanDownloader.Upatre.A4
ALYac: Trojan.CryptoLocker.D
Cylance: Unsafe
Zillya: Trojan.Bublik.Win32.13386
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Upatre.fe147ee8
K7GW: Trojan-Downloader ( 0048f6391 )
K7AntiVirus: Trojan-Downloader ( 0040f7f11 )
BitDefenderTheta: Gen:NN.ZexaF.34182.bmX@aiGj49mi
VirIT: Trojan.Win32.Zbot.GJP
Cyren: W32/Trojan.OCBH-4239
Symantec: Downloader.Upatre
ESET-NOD32: Win32/TrojanDownloader.Waski.A
TrendMicro-HouseCall: TROJ_UPATRE.SMBB
Avast: Win32:Agent-AUID [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.CryptoLocker.D
NANO-Antivirus: Trojan.Win32.DownLoad3.cvrjtr
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Tencent: Malware.Win32.Gencirc.10b9cf95
Ad-Aware: Trojan.CryptoLocker.D
Sophos: ML/PE-A + Mal/Upatre-A
Comodo: TrojWare.Win32.Bublik.CEZE@595kvx
Baidu: Win32.Trojan-Downloader.Waski.a
VIPRE: Trojan.Win32.Upatre.jr (v)
TrendMicro: TROJ_UPATRE.SMBB
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.mt
Emsisoft: Trojan.CryptoLocker.D (B)
Paloalto: generic.ml
GData: Trojan.CryptoLocker.D
Jiangmin: Trojan/Bublik.gxz
Avira: TR/Yarwi.A.31
Antiy-AVL: Trojan/Win32.Bublik
Arcabit: Trojan.CryptoLocker.D
ViRobot: Trojan.Win32.Agent.19456.CX
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: TrojanDownloader:Win32/Upatre.AA
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Tepfer.R102048
Acronis: suspicious
McAfee: Downloader-FSH
MAX: malware (ai score=94)
VBA32: Trojan.Bublik
Malwarebytes: Malware.AI.3437349055
APEX: Malicious
Rising: Downloader.Waski!1.A489 (RDMK:cmRtazpKltmUjSSkFAm/9StJOIi9)
Yandex: Trojan.Bublik!bljCT9d/eyg
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Upatre.BH!tr
AVG: Win32:Agent-AUID [Trj]
Panda: Generic Malware

How to remove Malware.AI.3437349055?

Malware.AI.3437349055 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
