Malware.AI.3637318355 (file analysis)

Malware.AI.3637318355 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3637318355 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Anomalous binary characteristics

How to identify Malware.AI.3637318355?

File Info:

name: 988E9FA903CC2FBB80E7.mlw
path: /opt/CAPEv2/storage/binaries/92b449d5932fd42a5040b26e2a849aea3deb04ae0c4e400e6ddf13acd12a94e3
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-06-02 19:59:10

Version Info: [No Data]

Malware.AI.3637318355 also known as:

Bkav: W32.AIDetectMalware
Lionic: Worm.Win32.VBNA.tnBO
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.GM.0184030182
FireEye: Generic.mg.988e9fa903cc2fbb
Skyhigh: BehavesLike.Win32.Generic.qm
McAfee: GenericRXAA-AA!988E9FA903CC
Malwarebytes: Malware.AI.3637318355
Zillya: Worm.VBNA.Win32.301199
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: P2PWorm ( 0009f5cb1 )
Alibaba: Worm:Win32/VBInject.68a18e09
K7GW: P2PWorm ( 0009f5cb1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: AI:Packer.BDB4F2B61D
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/VB.OPR
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.VBNA.c
BitDefender: Gen:Trojan.Heur.GM.0184030182
NANO-Antivirus: Trojan.Win32.VB.elqcav
Avast: Win32:Malware-gen
Tencent: Win32.Worm.Vbna.Ckjl
Sophos: Mal/VB-GI
F-Secure: Trojan.TR/VBInject.aroan
DrWeb: Trojan.DiamondFox.1
VIPRE: Gen:Trojan.Heur.GM.0184030182
TrendMicro: TROJ_FRS.0NA103IE20
Emsisoft: Gen:Trojan.Heur.GM.0184030182 (B)
Ikarus: Trojan.Win32.VB
GData: Gen:Trojan.Heur.GM.0184030182
Webroot: W32.Malware.gen
Varist: W32/new-malware!Maximus
Avira: TR/VBInject.aroan
Antiy-AVL: Worm/Win32.VBNA
Kingsoft: Win32.HeurC.KVMH008.a
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Heur.GM.DAF813E6
ViRobot: Trojan.Win32.Agent.57856.AW
ZoneAlarm: Worm.Win32.VBNA.c
Microsoft: VirTool:Win32/VBInject.gen!FA
Google: Detected
AhnLab-V3: Worm/Win32.VBNA.C1740072
ALYac: Gen:Trojan.Heur.GM.0184030182
MAX: malware (ai score=100)
VBA32: TScope.Trojan.VB
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_FRS.0NA103IE20
Rising: Backdoor.DiamondFox!1.D56F (CLASSIC)
Yandex: Trojan.DiamondFox!/QK/eUebQvg
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1331504.susgen
Fortinet: W32/VB.C!worm
AVG: Win32:Malware-gen
Cybereason: malicious.f1b22e
DeepInstinct: MALICIOUS

How to remove Malware.AI.3637318355?

Malware.AI.3637318355 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment