
Should I remove “Malware.AI.3491082594”?


Malware.AI.3491082594 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3491082594 virus do?

  • Connects to crypto currency mining pool
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the CoinMiner02 malware family
  • A cryptomining command was executed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3491082594?

File Info:

name: 09D039EB31EA41FC53E4.mlw
path: /opt/CAPEv2/storage/binaries/d2080f6a9e1398236fe02c445cae8ae18ec16139b8a7b3bffb20a29beb5cec39
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-10-03 07:51:19

Version Info:

[No Data]

Malware.AI.3491082594 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Miner.tsvX
Elastic: malicious (moderate confidence)
DrWeb: Trojan.MulDrop24.52147
MicroWorld-eScan: Trojan.GenericKD.71253246
ClamAV: Win.Packed.Babar-10012967-0
CAT-QuickHeal: Trojan.CoinMiner
Skyhigh: BehavesLike.Win32.Generic.wc
McAfee: Artemis!09D039EB31EA
Cylance: unsafe
Zillya: Trojan.Generic.Win32.1827528
Sangfor: CoinMiner.Win64.Agent.V2xt
K7AntiVirus: Riskware ( 005622c31 )
Alibaba: RiskWare:Win64/Miners.20fa8588
K7GW: Riskware ( 005622c31 )
CrowdStrike: win/malicious_confidence_70% (D)
VirIT: Trojan.Win64.Genus.BJS
Symantec: PUA.Gen.2
ESET-NOD32: a variant of Win64/CoinMiner.IZ potentially unwanted
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner.gen
BitDefender: Trojan.GenericKD.71253246
NANO-Antivirus: Riskware.Win64.BitCoinMiner.keeqag
Avast: Win64:CoinminerX-gen [Trj]
Tencent: Win64.Risk.Bitminer.Simw
Emsisoft: Trojan.GenericKD.71253246 (B)
F-Secure: PotentialRisk.PUA/CoinMiner.bencb
VIPRE: Trojan.GenericKD.71253246
TrendMicro: TROJ_GEN.R002C0DKN23
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Malicious SFX
GData: Win32.Application.CoinMiner.Y
Google: Detected
Avira: PUA/CoinMiner.bencb
Antiy-AVL: GrayWare/Win32.Wacapew
Xcitium: ApplicUnwnt@#21tod6o0kzkcr
Arcabit: Trojan.Generic.D43F3CFE
ZoneAlarm: not-a-virus:HEUR:RiskTool.Script.BitMiner.gen
Microsoft: Trojan:Win64/DisguisedXMRigMiner
Varist: W64/Coinminer.BN.gen!Eldorado
VBA32: Trojan.Win64.XMRigMiner
ALYac: Trojan.GenericKD.71253246
Malwarebytes: Malware.AI.3491082594
TrendMicro-HouseCall: TROJ_GEN.R002C0DKN23
Rising: HackTool.XMRMiner!1.C2EC (CLASSIC)
Yandex: Riskware.Agent!g816SDY4n20
Ikarus: Trojan.Win64.DisguisedXMRigMiner
Fortinet: Riskware/CoinMiner.PO
AVG: Win64:CoinminerX-gen [Trj]
Cybereason: malicious.ef65eb
DeepInstinct: MALICIOUS

How to remove Malware.AI.3491082594?

Malware.AI.3491082594 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
