About “Malware.AI.3649652796” infection

The Malware.AI.3649652796 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3649652796 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3649652796?


File Info:
name: 28DFFEAFC38E6288FA2F.mlw
path: /opt/CAPEv2/storage/binaries/b768bfd4badbf1c6f83633b726e209bce3b5cdca63d5858311491ce2aacb04eb
crc32: 5B4F807B
md5: 28dffeafc38e6288fa2f8d619b1a20e2
sha1: 94bbcfc7a7240981b80e1ab46d16793dbdb440dc
sha256: b768bfd4badbf1c6f83633b726e209bce3b5cdca63d5858311491ce2aacb04eb
sha512: 456cefe7ac04bb859834c8999cce2d650140d85a026619daa6d9e5410b6fb8d52c8af9e41c4a7c54ea21078869513138e7842ef1087b3d5adae946d8a0f7580c
ssdeep: 6144:4q1/aGLDCMKkdpNAkoSzZYRxAc58ayX2u5yebi86BMayIW+xkyd7Kf0lg/zYCuJq:71/aGLDCMNpNAkoSzZWD8ayX2oi86B8h
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CB845A125135293CEFA34670745AA57AD4B087DA8F22CAC52B50DEF3FDB3480AD6E583
sha3_384: 8dadbf6fd84f5fb659e8ed0add73c0c1f7cf442e129cea47ebafcd17157d32bd7fc47fcf1c8749d9a0c461e66b074189
ep_bytes: 5589e583ec08c7042402000000ff154c
timestamp: 2014-02-27 06:41:59

Version Info:
0: [No Data]

Malware.AI.3649652796 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Agent.CCPK
FireEye	Generic.mg.28dffeafc38e6288
CAT-QuickHeal	Trojan.Beaugrit.A6
McAfee	W32/Worm-GAT!28DFFEAFC38E
Cylance	Unsafe
Zillya	Trojan.Agent.Win32.530055
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004993691 )
K7GW	Trojan ( 004993691 )
Cybereason	malicious.fc38e6
Baidu	Win32.Worm.Mira.c
Cyren	W32/TrojanP.B
Symantec	SMG.Heur!gen
ESET-NOD32	Win32/Mira.A
APEX	Malicious
Kaspersky	Trojan.Win32.Agent.icgh
BitDefender	Trojan.Agent.CCPK
NANO-Antivirus	Trojan.Win32.Zusy.ethqlz
Avast	Win32:Evo-gen [Susp]
Tencent	Trojan.Win32.BitCoinMiner.la
Ad-Aware	Trojan.Agent.CCPK
Emsisoft	Trojan.Agent.CCPK (B)
Comodo	Worm.Win32.Mira.SG@72k617
DrWeb	Win32.HLLO.Siggen.5
McAfee-GW-Edition	BehavesLike.Win32.VirRansom.fc
Sophos	ML/PE-A + W32/Mira-B
Ikarus	Trojan.Win32.Heur
GData	Win32.Worm.Mira.D
Jiangmin	Trojan/Agent.iezf
Avira	TR/Zusy.BQ
Antiy-AVL	Trojan/Generic.ASBOL.DB7
Arcabit	Trojan.Agent.CCPK
Microsoft	Trojan:Win32/Mira
Cynet	Malicious (score: 100)
Acronis	suspicious
VBA32	Worm.Mira
ALYac	Trojan.Agent.CCPK
MAX	malware (ai score=83)
Malwarebytes	Malware.AI.3649652796
Rising	Malware.Heuristic!ET#100% (RDMK:cmRtazo32ml865xaAK3teDvUUYX/)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Mira.9C5!tr
BitDefenderTheta	Gen:NN.ZexaF.34294.xyZ@aKopAmp
AVG	Win32:Evo-gen [Susp]
CrowdStrike	win/malicious_confidence_100% (D)
MaxSecure	Trojan.Agent.icgh

How to remove Malware.AI.3649652796?

Malware.AI.3649652796 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X