Malware.AI.3687255513 (file analysis)

The Malware.AI.3687255513 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3687255513 virus can do?

Creates RWX memory
Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Malware.AI.3687255513?


File Info:
name: 5DDF1436636C83D212AC.mlw
path: /opt/CAPEv2/storage/binaries/5b94371c52939d4737788b8a5de14f535573f3e77c280bcbfbd49c213348d115
crc32: 85020522
md5: 5ddf1436636c83d212acfeb7052750e6
sha1: 59dc739529cb8a3fa1d0d4df759f95284861cced
sha256: 5b94371c52939d4737788b8a5de14f535573f3e77c280bcbfbd49c213348d115
sha512: 6ca2a7033bb180a898fd286655eb29965e052904a9d42cb93ba00aaa9d97b9718a966010451fc9fb2f154b7be0e1c24bd3ec4ae79547715421c99bce3d1badc0
ssdeep: 98304:GhmIp9t0xoAyy2WL0TmdxmLXHCKOO24Oh+1zZDi3sRvaJm0rCgFFJhdJLOmVv:1Mt0xoRTqXmLCvO24A+1Q382brphvtv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17436333ABDD1B563CF7D1C3208AB5E152AB70143B5A80F921D981F68122E795F2AF707
sha3_384: 9148d131c9bd0caf363a59f42e6c6a2af90c83a85dca210672ea900012974e3bda8294aad8654287c576e89690cf8456
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-06-18 21:33:27

Version Info:
Comments: http://www.kuaiwan.com
CompanyName: Shenzhen QVOD Technology Co.,Ltd
FileDescription: KuaiwanSetup
FileVersion: 3.5.6.3
LegalCopyright: Copyright(C) 2006-2012 QVOD
ProductName: KuaiwanSetup.exe
Translation: 0x0000 0x04e4

Malware.AI.3687255513 also known as:

Bkav	W32.AIDetect.malware2
MicroWorld-eScan	Trojan.GenericKD.34265202
FireEye	Trojan.GenericKD.34265202
McAfee	Artemis!DDC4A643B80D
Zillya	Backdoor.DarkKomet.Win32.42215
Cybereason	malicious.6636c8
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/Zaccl.A
APEX	Malicious
BitDefender	Trojan.GenericKD.34265202
Ad-Aware	Trojan.GenericKD.34265202
Sophos	Generic ML PUA (PUA)
TrendMicro	Cryp_Xed-12
Emsisoft	Trojan.GenericKD.34265202 (B)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.GenericKD.34265202
Antiy-AVL	Trojan/Generic.ASMalwNS.1EB
Microsoft	Trojan:Win32/Skeeyah.A!bit
Cynet	Malicious (score: 100)
ALYac	Trojan.GenericKD.34265202
MAX	malware (ai score=89)
Malwarebytes	Malware.AI.3687255513
Zoner	Probably Heur.ExeHeaderP
TrendMicro-HouseCall	Cryp_Xed-12
Ikarus	Trojan.Kazy
CrowdStrike	win/grayware_confidence_100% (D)

How to remove Malware.AI.3687255513?

Malware.AI.3687255513 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X