Should I remove "Malware.AI.3443361005"?

The Malware.AI.3443361005 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.3443361005 virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (4 unique times)
Creates RWX memory
At least one IP Address, Domain, or File Name was found in a crypto call
Reads data out of its own binary image
Performs some HTTP requests
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Uses Windows utilities for basic functionality
Deletes its original binary from disk
Creates a hidden or system file
Attempts to modify proxy settings
Creates a copy of itself
Creates a slightly modified copy of itself

Related domains:

z.whorecord.xyz

open.baidu.com

a.tomx.xyz

www.baidu.com

ocsp.globalsign.com

www.jjfzg.com

crl.globalsign.com

ocsp2.globalsign.com

www.bing.com

How to determine Malware.AI.3443361005?


File Info:
crc32: 1E0FA017
md5: b6e9da048328cb9705d865254be5e5f2
name: B6E9DA048328CB9705D865254BE5E5F2.mlw
sha1: 992f223f5161acd4762eb4f3d53744259ae64f17
sha256: 3303c254d368d60868481742ddf903383221ae59794c5093f17bc6e39d4f2a4c
sha512: 0544a93f58b030754cfb8a573d7a944a913cb0c9a2c2782d4bd154158d2cef977bffb6935e68ed315fdadca56f60b03951a85378197847128ab68f24c52b78dd
ssdeep: 24576:lNZmx10MbLV156ODTWa63TDmrLOwFZpSygNcAZTKp4H8UWXxEJnhR3CajnjC:lNZm0Mbp15NXPEHmrHZpSygX2TUWyJnU
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
0: [No Data]

Malware.AI.3443361005 also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen6.37078
ClamAV	Win.Malware.Flystudio-9781846-0
CAT-QuickHeal	Trojan.MauvaiseRI.S5242799
ALYac	Gen:Variant.Mikey.18503
Cylance	Unsafe
Zillya	Trojan.FlyStudio.Win32.15473
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
K7GW	Trojan ( 005246d51 )
K7AntiVirus	Trojan ( 005246d51 )
Cyren	W32/S-9642dd0b!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Avast	FileRepMalware
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:AdWare.Win32.Agent.gen
BitDefender	Gen:Variant.Mikey.18503
NANO-Antivirus	Trojan.Win32.TrjGen.duhkft
MicroWorld-eScan	Gen:Variant.Mikey.18503
Tencent	Malware.Win32.Gencirc.10b0d118
Ad-Aware	Gen:Variant.Mikey.18503
Sophos	Generic PUA JJ (PUA)
Comodo	TrojWare.Win32.Agent.OSCF@5rs7jr
BitDefenderTheta	Gen:NN.ZexaF.34170.CnHfa09eAYkb
VIPRE	Trojan.Win32.OnlineGames
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
FireEye	Generic.mg.b6e9da048328cb97
Emsisoft	Gen:Variant.Mikey.18503 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/Spy.Gen
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASCommon.FA
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Mikey.18503
Acronis	suspicious
McAfee	Artemis!B6E9DA048328
MAX	malware (ai score=81)
VBA32	BScope.Trojan.Advload
Malwarebytes	Malware.AI.3443361005
Ikarus	Trojan-Dropper.Age
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	Riskware/FlyStudio
AVG	FileRepMalware
Paloalto	generic.ml

How to remove Malware.AI.3443361005?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Malware.AI.3443361005”?