Malware.AI.3638803705 removal instruction

The Malware.AI.3638803705 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3638803705 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Malware.AI.3638803705?


File Info:
name: 8E5B34389BE070D58B7D.mlw
path: /opt/CAPEv2/storage/binaries/8722f78738eefc9402494baec12d640a9193274982d25af52c6b796f96c3f312
crc32: C0CE3795
md5: 8e5b34389be070d58b7d9f7d66ee0184
sha1: d7d4a5e99df97c2b023010dede7127d115c26cd5
sha256: 8722f78738eefc9402494baec12d640a9193274982d25af52c6b796f96c3f312
sha512: 995c170d722f540ba4b8ee22a854a679deb742ae86fc318f3dcd0845463341f80c4ec2a83d03ea9af75204c40420b6864613749dd5a928e2e521881ca56650b4
ssdeep: 768:PDOlHFE8HDnldyYGjpKBkY+eExx8BFAC9:PyleqblO1c+5x2BF
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1E373E71BB3AAA0F7D576C17989D21228BB71706413351BCF104489B99F726E83E3DBD8
sha3_384: 618e9e7cf805bda2efe86d395c7a65356b5856a23adffb3722c9a554296de64dc265d1e36aa40c41668a74171d42c572
ep_bytes: e9e82a0000e9d3480000e90e610000e9
timestamp: 2023-03-11 21:10:43

Version Info:
0: [No Data]

Malware.AI.3638803705 also known as:

Lionic	Trojan.Win32.CVE-2023-21768.4!c
MicroWorld-eScan	Gen:Variant.Ulise.410057
ALYac	Gen:Variant.Ulise.410057
Malwarebytes	Malware.AI.3638803705
Zillya	Exploit.CVE202321768.Win64.4
Sangfor	Exploit.Win64.CVE.Vljy
K7AntiVirus	Trojan ( 005a1a5f1 )
Alibaba	Exploit:Win64/CVE-2023-21768.32cfe32d
K7GW	Trojan ( 005a1a5f1 )
CrowdStrike	win/malicious_confidence_90% (W)
Cyren	W64/ABRisk.AHMH-7116
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/Exploit.CVE-2023-21768.B
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	VHO:Exploit.Win64.CVE-2023-21768.gen
BitDefender	Gen:Variant.Ulise.410057
Avast	Win64:Trojan-gen
Tencent	Win32.Trojan.Redcap.Lajl
Emsisoft	Gen:Variant.Ulise.410057 (B)
F-Secure	Trojan.TR/Redcap.bjipz
VIPRE	Gen:Variant.Ulise.410057
TrendMicro	TROJ_GEN.R002C0PDM23
McAfee-GW-Edition	RDN/Generic Exploit
FireEye	Gen:Variant.Ulise.410057
Sophos	Mal/Generic-S
GData	Gen:Variant.Ulise.410057
Avira	TR/Redcap.bjipz
Antiy-AVL	Trojan[Exploit]/Win64.CVE-2023-21768
Arcabit	Trojan.Ulise.D641C9
ZoneAlarm	VHO:Exploit.Win64.CVE-2023-21768.gen
Microsoft	Trojan:Win32/Woreflint.A!cl
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5416859
McAfee	RDN/Generic Exploit
MAX	malware (ai score=89)
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002C0PDM23
Rising	Exploit.CVE-2023-21768!8.17CE6 (TFE:5:winCpnrghVS)
MaxSecure	Trojan.Malware.207036435.susgen
Fortinet	Malicious_Behavior.SB
AVG	Win64:Trojan-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.3638803705?

Malware.AI.3638803705 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X