How to remove “Malware.AI.3521757754”?

Malware.AI.3521757754 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3521757754 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Serbian (Cyrillic)
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

How to identify Malware.AI.3521757754?

File Info:

crc32: 7933770E
md5: e58dd1a8015e6eea0684b14db8a8df46
name: E58DD1A8015E6EEA0684B14DB8A8DF46.mlw
sha1: 51ced24198dd9bfb4da5bb2039ad070e1ee5da91
sha256: 5e1a32479bd18084541daf67070546bc55538ebcf8789a622b47d6853b504cac
sha512: 43bd675874f4cd3535b6929985477f03150f2f26d396ac10609f1a01532f6cbe5e2f7cea34d357fbef883ed54dd1e3bafe227346b7a7337b52a5d1b77ced6fe2
ssdeep: 1536:AXVyiy/GZN5pBVqR/9eZZFnBTtTJQ1ExgSdh5zlVh7NipVVYRpTlOVSvEHFNFVz:GV2diQVM9TIPT96q
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: grana turni spiga 2003
InternalName: lamine
FileVersion: 8.08.0002
CompanyName: divani entra
LegalTrademarks: spazio colti
Comments: Foste venni sanava
ProductName: grane
ProductVersion: 8.08.0002
FileDescription: Avviai spregi state affare
OriginalFilename: lamine.exe

Malware.AI.3521757754 also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.4372
Qihoo-360: Win32/Trojan.598
ALYac: Gen:Variant.Barys.4372
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
CrowdStrike: win/malicious_confidence_100% (D)
BitDefender: Gen:Variant.Barys.4372
K7GW: Trojan ( 0055e3991 )
K7AntiVirus: Trojan ( 0055e3991 )
BitDefenderTheta: Gen:NN.ZevbaF.34804.fm0@ay!ZjciG
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.SOJ
APEX: Malicious
Avast: Win32:VB-ADIW [Trj]
ClamAV: Win.Dropper.LokiBot-7584465-0
Kaspersky: Trojan.Win32.Inject.uxew
NANO-Antivirus: Trojan.Win32.Inject.eazshh
Tencent: Malware.Win32.Gencirc.10b1c6ce
Ad-Aware: Gen:Variant.Barys.4372
Sophos: ML/PE-A + Mal/VBCheMan-G
Comodo: TrojWare.Win32.Injector.SOJC@4ppnjv
F-Secure: Trojan.TR/ATRAPS.Gen2
DrWeb: BackDoor.IRC.NgrBot.41
Zillya: Trojan.Jorik.Win32.101024
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.mm
FireEye: Generic.mg.e58dd1a8015e6eea
Emsisoft: Gen:Variant.Barys.4372 (B)
SentinelOne: Static AI – Malicious PE – Downloader
Jiangmin: Backdoor/Androm.bfk
Avira: TR/ATRAPS.Gen2
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Win32.Androm
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Barys.D1114
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
AhnLab-V3: Trojan/Win32.VBKrypt.C161437
ZoneAlarm: Trojan.Win32.Inject.uxew
GData: Gen:Variant.Barys.4372
Cynet: Malicious (score: 100)
McAfee: GenericR-AAZ!E58DD1A8015E
TACHYON: Trojan/W32.VB-Inject.86016.H
VBA32: BScope.TrojanSpy.Zbot
Malwarebytes: Malware.AI.3521757754
Panda: Trj/CI.A
TrendMicro-HouseCall: HV_ANDROM_CI192E51.RDXN
Rising: Trojan.Injector!8.C4 (TFE:3:eWl4VgEsDRJ)
Yandex: Trojan.GenAsa!pvw7M8SsLJQ
Ikarus: Worm.Win32.WBNA
Fortinet: W32/VBKrypt.MBSX!tr
AVG: Win32:VB-ADIW [Trj]
Paloalto: generic.ml

How to remove Malware.AI.3521757754?

Malware.AI.3521757754 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
