Malware.AI.3644423969 removal tips

Malware.AI.3644423969 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3644423969 virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3644423969?


File Info:

name: B896BA409C587622424D.mlw
path: /opt/CAPEv2/storage/binaries/7ea79333c075d814ea52fe756a80e29f329a977fe7980732419a0055b4d75d6f
crc32: AA6315D9
md5: b896ba409c587622424dc12635772169
sha1: b9a0fd4b7ce0195cd7005e912fc8bc9fcc4b0a7f
sha256: 7ea79333c075d814ea52fe756a80e29f329a977fe7980732419a0055b4d75d6f
sha512: 5eb76cc4d9fe0aa5aa8785e13e931466f37487499191ac37f78a35156712e5e7c271b01357a1da666410d637b650cd91318ac44d3592460b09c089ec2de85c9e
ssdeep: 49152:Tw3KLAPJwDEeg7oz6nO3Gx1Txz07apkAW4:0aLAhTegMz6O2P0Ej
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T141B5F150A91DF703EBD8517AF05CB0F9044A6D24DE887C7324E47F7BB63A6A8474862B
sha3_384: ccd907a2afc7b9d2ed06eea6b8edcf3908acc2c6c54be28f20bcba29590d9a76890268316741c1c5506d43a5e2d92d7e
ep_bytes: 60be002066008dbe00f0d9ff57eb0b90
timestamp: 2018-07-18 07:34:43

Version Info:

FileVersion: 1.0.18.326
Comments: ZJDS.Com
FileDescription: 装机大师脑硬盘安装
ProductVersion: 1.0.18.326
LegalCopyright: (C) ZJDS.Com All Rights Reserved.
编译工具: iler(Cxy修改版)
Translation: 0x0804 0x04b0

Malware.AI.3644423969 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Skyhigh: BehavesLike.Win32.BadFile.vc
Malwarebytes: Malware.AI.3644423969
Sangfor: Trojan.Win32.Agent.Vf5d
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
APEX: Malicious
Rising: Trojan.Obfus/Autoit!1.D77B (CLASSIC)
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: PUA.Autoit
Webroot: W32.Adware.Gen
Google: Detected
Antiy-AVL: GrayWare/Autoit.BinToStr.a
Microsoft: Misleading:Win32/Lodi
McAfee: Artemis!B896BA409C58
DeepInstinct: MALICIOUS
VBA32: TrojanDropper.Autoit
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H01JN23
SentinelOne: Static AI – Malicious PE
Fortinet: Riskware/Application
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Malware.AI.3644423969?

Malware.AI.3644423969 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
