About “Malware.AI.3486104987” infection

Malware.AI.3486104987 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3486104987 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Malware.AI.3486104987?


File Info:

name: 81D7CF3BA2EEE1B22DD3.mlw
path: /opt/CAPEv2/storage/binaries/12658847fbc09dd36c2e43a272eed0bbbc486e634acd2805cd378d7edb068bde
crc32: 1AF1964E
md5: 81d7cf3ba2eee1b22dd34a4033a87eaf
sha1: a792de9d2b00c98809c5c603a9e7d91b15d86168
sha256: 12658847fbc09dd36c2e43a272eed0bbbc486e634acd2805cd378d7edb068bde
sha512: 9339e34ccc3dc20c80af705803fb22a5cce1fa54bac1bac479c4048eabeef1b082d1fd5b746047f0af2530a8ed63fdcb63e3afbbd2c9b6634c0dee48a2e3aef2
ssdeep: 12288:spaJOmEtNeCnfPI4ZgkqUTfQu1sBIoPN/T73vEsOeVa9ms4mEtNeCnfPI4ZgkqUT:sISNTfw4ZJOV3vDQ8NTfw4ZJOV3vDQZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T178552337A68D0F10C076C0B21E639B0D5F1A3EAD04C7222F5A9B195B3F78BB6551D24E
sha3_384: 3ff59b35a353394211c247367e205c1688b8f1f7dcf663cbd9a902c3e2080d642548266d571e4805c2a8e49e8fb46b9b
ep_bytes: 6830c24000e8f0ffffff000000000000
timestamp: 2019-12-13 22:37:07

Version Info:

Translation: 0x0409 0x04b0
CompanyName: noOrg
ProductName: email_vpn
FileVersion: 1.00
ProductVersion: 1.00
InternalName: email_vpn
OriginalFilename: email_vpn.exe

Malware.AI.3486104987 also known as:

Bkav: W32.Common.18CCF280
Lionic: Trojan.Win32.PonyStealer.4!c
MicroWorld-eScan: Gen:Variant.PonyStealer.8
FireEye: Gen:Variant.PonyStealer.8
ALYac: Gen:Variant.PonyStealer.8
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Voqm
Cybereason: malicious.ba2eee
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
BitDefender: Gen:Variant.PonyStealer.8
VIPRE: Gen:Variant.PonyStealer.8
McAfee-GW-Edition: BehavesLike.Win32.BadFile.tc
Emsisoft: Gen:Variant.PonyStealer.8 (B)
GData: Gen:Variant.PonyStealer.8
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: Trojan.PonyStealer.8
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!81D7CF3BA2EE
MAX: malware (ai score=87)
Malwarebytes: Malware.AI.3486104987
TrendMicro-HouseCall: TROJ_GEN.R002H09G923
Rising: Trojan.Fuery!8.EAFB (CLOUD)
MaxSecure: Trojan.Malware.12334671.susgen
BitDefenderTheta: Gen:NN.ZevbaF.36348.sn0@a4t!5Jhi
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Malware.AI.3486104987?

Malware.AI.3486104987 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
