Malware.AI.3509575552 malicious file

Malware.AI.3509575552 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3509575552 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Detects Avast Antivirus through the presence of a library
  • Executed a process and injected code into it, probably while unpacking
  • Steals private information from local Internet browsers
  • Installs itself for autorun at Windows startup
  • Exhibits behavior characteristic of Pony malware
  • Collects information about installed applications
  • Harvests credentials from local FTP client software
  • Harvests information related to installed mail clients
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Malware.AI.3509575552?

File Info:

crc32: 6874716C
md5: 36dcd5bc51ced9d32f2d99edaed76c4f
name: 36DCD5BC51CED9D32F2D99EDAED76C4F.mlw
sha1: e38024fd4ad13a32658977c408b9bdd3b80d17f9
sha256: dbcfaa5a3579b04f306a5406eebf030c69de925d3de58a847c78e144eafa31b9
sha512: 1be171a48cfd745c2ba4365fd83cd591f4515d08cf9e679f05bf53b400591b034b6fdd0e8656e19a0919e9b1766768e6dce0db3042a9cde5dad9d8a9ebac78d2
ssdeep: 3072:l+pq4Y5Vu++4i21lXwrlfnJWbFIwntQjIycdKRAF9APr/lCMAs:lD4YbztXIlfnqOIVdzADNC5s
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2011
InternalName: HD Tune Pro
FileVersion: 5, 0, 0, 0
CompanyName: EFD Software
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: HD Tune Pro
SpecialBuild:
ProductVersion: 5, 0, 0, 0
FileDescription: HD Tune Pro
OriginalFilename: HDTunePro.EXE
Translation: 0x0409 0x04b0

Malware.AI.3509575552 also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.166087
FireEye: Generic.mg.36dcd5bc51ced9d3
CAT-QuickHeal: Trojan.Generic
McAfee: GenericRXAA-AA!36DCD5BC51CE
Cylance: Unsafe
Zillya: Dropper.Injector.Win32.65021
AegisLab: Trojan.Win32.Generic.4!c
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0055e3da1 )
BitDefender: Gen:Variant.Graftor.166087
K7GW: Trojan-Downloader ( 0055e3da1 )
Cybereason: malicious.c51ced
BitDefenderTheta: Gen:NN.ZexaF.34804.lu0@a0EBNoai
Cyren: W32/Trojan.BPQO-0987
SymantecMobileInsight: AppRisk:Generisk
Symantec: Downloader.Ponik
ESET-NOD32: Win32/TrojanDownloader.Wauchos.A
APEX: Malicious
Avast: FileRepMalware
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: VirTool:Win32/Obfuscator.1f6aa342
NANO-Antivirus: Trojan.Win32.Tepfer.djrchk
Tencent: Malware.Win32.Gencirc.10c7e496
Ad-Aware: Gen:Variant.Graftor.166087
Sophos: Mal/Generic-S
Comodo: Malware@#ypcf3mr9e6yo
F-Secure: Heuristic.HEUR/AGEN.1113067
DrWeb: BackDoor.Andromeda.22
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: TROJ_GEN.R002C0DB121
McAfee-GW-Edition: BehavesLike.Win32.Trojan.ch
Emsisoft: Gen:Variant.Graftor.166087 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDropper.Injector.auhi
Avira: HEUR/AGEN.1113067
MAX: malware (ai score=82)
Antiy-AVL: Trojan[Backdoor]/Win32.Androm
Microsoft: PWS:Win32/Fareit
Arcabit: Trojan.Graftor.D288C7
AhnLab-V3: Trojan/Win32.ZBot.R127756
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Graftor.166087
Cynet: Malicious (score: 100)
Acronis: suspicious
ALYac: Gen:Variant.Graftor.166087
VBA32: Backdoor.Androm
Malwarebytes: Malware.AI.3509575552
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0DB121
Rising: Downloader.Wauchos!8.D9 (TFE:1:89PsIzQFExB)
Yandex: Trojan.GenAsa!JAtPJALo+jU
Ikarus: Trojan-PSW.Win32.Tepfer
Fortinet: W32/Generic.AC.1D6B8!tr
AVG: FileRepMalware
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Dropper.d65

How to remove Malware.AI.3509575552?

Malware.AI.3509575552 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.