What is “Malware.AI.3671439894”?

The Malware.AI.3671439894 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3671439894 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3671439894?


File Info:
name: 3C74B54CFB7406C6CACF.mlw
path: /opt/CAPEv2/storage/binaries/01fa684b826200e516f2fe14d1118a7a8b0559883b3c1f6812aca169a5b79dad
crc32: 2F3A1FF8
md5: 3c74b54cfb7406c6cacfcadf61940f6f
sha1: 5c98d59c1c961fe9110d24f6ebb6c2926f430ed3
sha256: 01fa684b826200e516f2fe14d1118a7a8b0559883b3c1f6812aca169a5b79dad
sha512: 3f5b07d666cdc3b3b8bd626ecaab69c78731b5db0a96950ed22b604e355a943cfe070776762c40e3e54bfcc03924d3829bf5bd61b763220a86b33fc6b379d06d
ssdeep: 3072:dMTpzUCCcmujoDi98tlOYId96G316Q1t62fmMYR2EyTRzVchxglGHpgTukLXey5e:KWc3joR5RGh6OOyTR+TgqpgTJ5e
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11C645B31A3D4E039E4B321B49EEB92D5497EB9704B3294DB77C00AAD4F346D29A3171B
sha3_384: c10cf799a535e91b3f9c823cc8a957ed67dca342a3358afcbe91392c6e2029b77253e3b9a6add4a8b6af7b4a216d9873
ep_bytes: e8f8800000e995feffffc701e0744000
timestamp: 2106-02-07 06:28:15

Version Info:
0: [No Data]

Malware.AI.3671439894 also known as:

Lionic	Trojan.Win32.Staser.4!c
MicroWorld-eScan	Gen:Variant.Doina.10137
FireEye	Gen:Variant.Doina.10137
ALYac	Gen:Variant.Doina.10137
Cylance	Unsafe
Sangfor	Trojan.Win32.Staser.vho
Alibaba	Trojan:Win32/Staser.c067de60
Cybereason	malicious.cfb740
BitDefenderTheta	Gen:NN.ZexaF.34606.tqW@aCUMFiai
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
TrendMicro-HouseCall	TROJ_GEN.R002C0WDQ22
Paloalto	generic.ml
ClamAV	Win.Trojan.Staser-9946341-0
Kaspersky	HEUR:Trojan.Win32.Staser.vho
BitDefender	Gen:Variant.Doina.10137
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Doina.10137
Emsisoft	Gen:Variant.Doina.10137 (B)
Comodo	Malware@#pbm45po0043w
TrendMicro	TROJ_GEN.R002C0WDQ22
McAfee-GW-Edition	BehavesLike.Win32.Generic.fh
Sophos	Generic PUA FM (PUA)
APEX	Malicious
GData	Gen:Variant.Doina.10137
Jiangmin	Trojan.Staser.bsf
Avira	HEUR/AGEN.1210235
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Gen.Generic.C3596829
McAfee	Artemis!3C74B54CFB74
MAX	malware (ai score=80)
VBA32	BScope.Trojan.Staser
Malwarebytes	Malware.AI.3671439894
Yandex	Trojan.GenAsa!ZSsTJVhC/D0
Ikarus	Worm.Win32.AutoRun
MaxSecure	Trojan.Malware.74683565.susgen
Fortinet	W32/Cerbu.CQBJ!tr
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A

How to remove Malware.AI.3671439894?

Malware.AI.3671439894 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X