How to remove “Malware.AI.3698618817”?

Many security experts consider Malware.AI.3698618817 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3698618817 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Performs HTTP requests potentially not found in PCAP.
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3698618817?


File Info:

name: A324AC8B4BF317450F28.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-07-11 14:11:08

Version Info:

Comments:
CompanyName: YT Applications
FileDescription: Media Player
FileVersion: 7, 6, 0, 0
InternalName: Media Player
LegalCopyright: (C) YT Applications. All rights reserved.
LegalTrademarks:
OriginalFilename: MediaPlayer.EXE
PrivateBuild:
ProductName: YT Downloader
ProductVersion: 7, 6, 0, 0
SpecialBuild:
Translation: 0x0409 0x04b0

Malware.AI.3698618817 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
AVG: Win32:Malware-gen
Elastic: malicious (high confidence)
FireEye: Generic.mg.a324ac8b4bf31745
Malwarebytes: Malware.AI.3698618817
Sangfor: Riskware.Win32.Uwamson.A
CrowdStrike: win/malicious_confidence_60% (W)
Cynet: Malicious (score: 100)
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Generic-9951959-0
Avast: Win32:Malware-gen
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.bc
Trapmine: malicious.high.ml.score
Webroot: W32.Trojan.Gen
Antiy-AVL: Trojan/Win32.Generic
Microsoft: PUA:Win32/Presenoker
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R475874
McAfee: Artemis!A324AC8B4BF3
VBA32: BScope.Trojan.Wacatac
Cylance: unsafe
DeepInstinct: MALICIOUS

How to remove Malware.AI.3698618817?

Malware.AI.3698618817 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
