Malware.AI.3502774565 (file analysis)

Malware Removal

Malware.AI.3502774565 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3502774565 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to disable Windows Defender
  • Attempts to modify Windows Defender using PowerShell
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3502774565?

File Info:

name: C5A35F45DB03125ADB4A.mlw
path: /opt/CAPEv2/storage/binaries/50433cd0f499c441ee7bd70cfd1256c9d6df15cb5dca4e83d0ae9df423165501
crc32: 94C95BCE
md5: c5a35f45db03125adb4ae45a888496ed
sha1: b1cf4b210761c2efbc2da1b1d7ca603abc9f9dd1
sha256: 50433cd0f499c441ee7bd70cfd1256c9d6df15cb5dca4e83d0ae9df423165501
sha512: 9fb8ade0b26ab35febfa6e87abbb6dec4b2e004ea16311970b04257606387fa258db33bae8fa002aabb8f99bc3cad856fd184cb8f4decf7b8707d3432453bfd9
ssdeep: 98304:iXz+Ii9eCURtJdcLGQHd/TUW90WC6C6Bi4lqYccAQDMrcMrcpW:KKZZURtgLGQHqb2ndsTDQDMAMrV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DB1633743583C27BCAB10534AE0F926CB235FE045BBC69CB63DA1A6C5D33AE61970167
sha3_384: 955e912c2c6296ceacdc343f33b00d4e2529213d73b158f74d8fd60fc247a175cd99abd354e91bac950f46e6a0c2d28f
ep_bytes: 558bec83c4f0b888534200e824f2fdff
timestamp: 1992-06-19 22:22:17

Version Info:

Comments:
CompanyName: Pure Onyx
FileDescription: Pure Onyx 0.64.1 Installation
FileVersion: 0.64.1
LegalCopyright: Pure Onyx
Translation: 0x0409 0x04e4

Malware.AI.3502774565 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Dizemp.4!c
MicroWorld-eScan: Trojan.GenericKD.62452326
FireEye: Trojan.GenericKD.62452326
ALYac: Trojan.GenericKD.62452326
Cylance: Unsafe
VIPRE: Trojan.GenericKD.62452326
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: CryptoMiner ( 0051b7f11 )
Alibaba: Trojan:Win32/Dizemp.16aacdc7
K7GW: CryptoMiner ( 0051b7f11 )
Cyren: W64/ABMiner.JQMI-6354
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win64/CoinMiner.FQ
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Dizemp.lzq
BitDefender: Trojan.GenericKD.62452326
NANO-Antivirus: Riskware.Win64.CoinMiner.jqdldr
Avast: Win64:Evo-gen [Trj]
Tencent: Win64.Trojan.Coinminer.Qwhl
Ad-Aware: Trojan.GenericKD.62452326
Emsisoft: Trojan.GenericKD.62452326 (B)
DrWeb: Tool.Nssm.6
TrendMicro: TROJ_GEN.R002C0PJ122
McAfee-GW-Edition: Agent-FSQ!C5A35F45DB03
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-R
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.62452326
Avira: HEUR/AGEN.1201430
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASCommon.203
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: Agent-FSQ!C5A35F45DB03
Malwarebytes: Malware.AI.3502774565
TrendMicro-HouseCall: TROJ_GEN.R002C0PJ122
Rising: HackTool.VulnDriver/x64!1.D7DB (CLASSIC:bWQ1OndZbTLhBzJu)
Yandex: Trojan.Dizemp!UTX/QGlwKLI
Ikarus: Win32.Outbreak
MaxSecure: Trojan-Ransom.Win32.Crypmod.zfq
Fortinet: W32/CoinMiner.FQ!tr
AVG: Win64:Evo-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3502774565?

Malware.AI.3502774565 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
