Malware.AI.3560676592 removal guide

The Malware.AI.3560676592 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3560676592 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.3560676592?


File Info:
name: AFBF1A21250087387369.mlw
path: /opt/CAPEv2/storage/binaries/f721472687af2a9ae61c4f7df66821360eac2568b7c70e2f8c7d93996d87dd37
crc32: 625334AF
md5: afbf1a2125008738736940f669e3e6ac
sha1: b64dbbb2fc90653f6b54fc7b18d3128acee6af49
sha256: f721472687af2a9ae61c4f7df66821360eac2568b7c70e2f8c7d93996d87dd37
sha512: 4620c79041216d944b8aa2e48d2207921334890c81ea709cd370ce1894b72c5b0bf4cb4b06480ba2bdbee41201c3956b9c7135d6026a4696cf84b337bbff0882
ssdeep: 12288:yMKRQhdnx3NB3n6mVCvHSK7j3W6Fw9YvOmE+T/84n0nvad:yH2Tn/B36mSjW60YvOmEe8iHd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F0357F12B982E027D42312F28EFEB279636CEE9007315947A7DCFF1A9AB62517F17015
sha3_384: ea133f5d15ca75b263ed52e46299778049ee84959483a402c827c776948d7227dab43b2884b0589c9b157dc7f0ee7e6f
ep_bytes: 558bec6aff68a877480068082c480064
timestamp: 1999-11-16 07:54:11

Version Info:
Comments: 坚决打倒弱智的盗版光盘制作者！
CompanyName: Star175
FileDescription: 三国志．曹操传简体中文MP3仿音轨经典
FileVersion: 1, 0, 0, 1
InternalName: Ekd5
LegalCopyright: Copyright (C) 2003 k??@SMTH
OriginalFilename: Ekd5.exe
ProductName: 三国志．曹操传简体中文MP3仿音轨经典 - 水木清华特别版
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Malware.AI.3560676592 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Jaik.177947
ALYac	Gen:Variant.Jaik.177947
Cylance	unsafe
VIPRE	Gen:Variant.Jaik.177947
APEX	Malicious
BitDefender	Gen:Variant.Jaik.177947
Emsisoft	Gen:Variant.Jaik.177947 (B)
Trapmine	malicious.moderate.ml.score
FireEye	Gen:Variant.Jaik.177947
Antiy-AVL	GrayWare/Win32.Wacapew
Kingsoft	malware.kb.a.910
Arcabit	Trojan.Jaik.D2B71B
GData	Gen:Variant.Jaik.177947
MAX	malware (ai score=82)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Malware.AI.3560676592
Rising	Trojan.Generic@AI.94 (RDML:dTuOelxsDBUz9tUTVM6Hww)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.219057387.susgen

How to remove Malware.AI.3560676592?

Malware.AI.3560676592 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X