What is "Malware.AI.3636136969"?

The Malware.AI.3636136969 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Malware.AI.3636136969 virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Unconventionial language used in binary resources: Russian
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Malware.AI.3636136969?


File Info:
crc32: A00E4308
md5: ac76c86ac9e6d0fdd8605ef9afe46169
name: AC76C86AC9E6D0FDD8605EF9AFE46169.mlw
sha1: f917063f330506c8ba8bddaeeb045f38ec22806b
sha256: 6c58a8d5c3935a878d569a3e44ee31124f7a4be5f140a2eb708bd631340057f0
sha512: db6ac20e49bd81c8ae7fd51ad7e22f7a4717fbd098a9b1e2971e210b56f2e3307a1624feea759a23c50dd49ad7a8926e0421cedb14f1f6039b5b5d38f0dce5b5
ssdeep: 1536:8sBtGh7ZewCJkRA0SHMYL3XePvMOf8LZC8lrpDLb0:zMh7QwCJOA0SHLX0vMOELZRlNLb0
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:
InternalName: c m d
FileVersion: 2.66
CompanyName:  NirSoft
ProductName:  NirCmd
ProductVersion: 2.66
FileDescription:  NirCmd
OriginalFilename:  NirCmd.exe 
Translation: 0x0409 0x04b1

Malware.AI.3636136969 also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 004f997d1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.5047
Cynet	Malicious (score: 100)
CAT-QuickHeal	Ransom.Cerber.MUE.A6
ALYac	Gen:Variant.Ransom.CryptXXX.1
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.2280750
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Ransom:Win32/Cryptor.2bd268ac
K7GW	Trojan ( 004f997d1 )
Cybereason	malicious.ac9e6d
Cyren	W32/S-ef537a26!Eldorado
Symantec	Ransom.CryptXXX!g17
ESET-NOD32	a variant of Win32/Kryptik.HGEN
Zoner	Probably Heur.ExeHeaderH
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Cryptor.cmz
BitDefender	Gen:Variant.Ransom.CryptXXX.1
NANO-Antivirus	Trojan.Win32.Encoder.evjvgp
MicroWorld-eScan	Gen:Variant.Ransom.CryptXXX.1
Tencent	Win32.Trojan.Generic.Lorm
Ad-Aware	Gen:Variant.Ransom.CryptXXX.1
Sophos	Mal/Generic-S
Comodo	Malware@#39w9pdablmca6
BitDefenderTheta	Gen:NN.ZexaF.34170.gy0@aq0x6!bQ
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_HPCRYPMIC.SM4
McAfee-GW-Edition	Ransomware-GJA!AC76C86AC9E6
FireEye	Generic.mg.ac76c86ac9e6d0fd
Emsisoft	Gen:Variant.Ransom.CryptXXX.1 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1128192
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASMalwS.22CC1C0
Microsoft	Ransom:Win32/Tovicrypt.A
ZoneAlarm	Trojan-Ransom.Win32.Cryptor.cmz
GData	Gen:Variant.Ransom.CryptXXX.1
AhnLab-V3	Trojan/Win32.CryptXXX.R188553
Acronis	suspicious
McAfee	Ransomware-GJA!AC76C86AC9E6
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Bagsu
Malwarebytes	Malware.AI.3636136969
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	Ransom_HPCRYPMIC.SM4
Rising	Trojan.Generic@ML.100 (RDML:86BJxSWqsYsGVIKGPpQajg)
Ikarus	Trojan-Ransom.Tovicrypt
Fortinet	W32/Kryptik.FNZR!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Malware.AI.3636136969?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Malware.AI.3636136969”?