How to remove “Malware.AI.3699308255”?

Malware.AI.3699308255 is classified as dangerous by many security vendors. When this infection is active, you may notice unfamiliar processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.3699308255 virus can do?

  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the Fareit malware family
  • Deletes executed files from disk
  • Attempts to access Bitcoin/ALTCoin wallets
  • Touches a file containing cookies, possibly for information gathering
  • Harvests credentials from local FTP client software
  • Harvests information related to installed mail clients
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.3699308255?
File Info:

name: 0FE08A4B30F6D773F92D.mlw
path: /opt/CAPEv2/storage/binaries/e90050d963d376c1f75416ebf9bc6ffa2299046f8add1dde6d67752443587411
crc32: 66B95F25
md5: 0fe08a4b30f6d773f92d4b0ba575204e
sha1: 0541e1c12f95dba92c0db8cc00270751578d64f1
sha256: e90050d963d376c1f75416ebf9bc6ffa2299046f8add1dde6d67752443587411
sha512: fffde7a896b632bc9f050ddc8ddbf1c0a9ee704b4aac6c452fba02e1ad9d49e98ac11d6d616e0514c88d7bb1ab93a0f3b3a5675f5765ecd54dadbaea0603ac1e
ssdeep: 1536:oStw4YAlh/sPrFUOywieHySDAwOwnbtuHnesQAxapFLsbovK+x1Htz2l6AEHwkxO:HzT/sPrFjAeEGuHnCLMotHtS5EQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D3B38B952E70B2BBC4BF41F152303629E265F512573E0E56AECB077965DF0DA20283EE
sha3_384: 844cee8db292bb78aa79e9a164fd4ebdbc54723f95eeadb5d0a6b975bd3fe7997a94122d70e73ce0294f1346ae59e091
ep_bytes: 682c00000068000000006808de4100e8
timestamp: 2016-01-29 12:50:17

Version Info:

CompanyName: NVIDIA Corporation
Translation: 0x0409 0x04b0

Malware.AI.3699308255 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.268175
FireEye: Generic.mg.0fe08a4b30f6d773
Skyhigh: BehavesLike.Win32.PWSZbot.cc
McAfee: GenericRXDZ-EC!0FE08A4B30F6
Cylance: unsafe
Zillya: Trojan.Kryptik.Win32.3659685
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Kryptik.ee99d919
K7GW: Trojan ( 0055e3991 )
K7AntiVirus: Trojan ( 0055e3991 )
BitDefenderTheta: Gen:NN.ZexaF.36744.hu0@aiETJZmi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.EMAU
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Graftor.268175
NANO-Antivirus: Trojan.Win32.Stealer.fobvow
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Generic.Vsmw
Emsisoft: Gen:Variant.Graftor.268175 (B)
F-Secure: Heuristic.HEUR/AGEN.1340269
DrWeb: Trojan.PWS.Stealer.13052
VIPRE: Gen:Variant.Graftor.268175
TrendMicro: TROJ_GEN.R002C0PA924
Sophos: Mal/Ransom-EE
Ikarus: Trojan.Win32.Injector
GData: Gen:Variant.Graftor.268175
Jiangmin: Trojan.Generic.uwwe
Google: Detected
Avira: HEUR/AGEN.1340269
Antiy-AVL: Trojan/Win32.AGeneric
Kingsoft: malware.kb.a.1000
Arcabit: Trojan.Graftor.D4178F
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: PWS:Win32/Fareit
Cynet: Malicious (score: 100)
VBA32: Backdoor.Kasidet
ALYac: Gen:Variant.Graftor.268175
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.3699308255
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PA924
Rising: Trojan.Carberp!8.11D9 (TFE:4:ldlfYmBnmnD)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.9111230.susgen
Fortinet: W32/Fareit.G!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Malware.AI.3699308255?

Malware.AI.3699308255 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.