Malware.AI.369994353 removal guide

Malware.AI.369994353 is the Malwarebytes detection name for this sample; nearly every vendor listed further down flags the same file as malicious. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; during the trial period it lets you run a full scan and clean your PC.
6-day free trial available.

What can Malware.AI.369994353 do?

The items below are the CAPE sandbox signatures the sample triggered. Most of them describe packing and anti-analysis behaviour (VMProtect, RWX memory, suspending the sandbox's monitoring threads) rather than the payload itself:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Tries to suspend Cuckoo threads to prevent logging of malicious activity
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

Note that a "wpad.<DNS suffix>" lookup is Windows Web Proxy Auto-Discovery and is issued by many benign programs inside a sandbox, so on its own it is a weak indicator.

How to identify Malware.AI.369994353?

The file details below come from the CAPE sandbox run. Two points matter for triage: the PE header timestamp (2012) is nine years earlier than the copyright year in the version resource (2021), and the "Assembly Version" field together with the MSIL-based vendor names in the detection list (Kaspersky, Alibaba) show this is a .NET executable, even though the file type reads as a generic "PE32 executable (console) Intel 80386"; the VMProtect verdict explains why the binary looks packed.

File Info:

name: 6D6FED620506B99EEC07.mlw
path: /opt/CAPEv2/storage/binaries/2b6940448165dc7f55009a8861b192a64407b6ac1c75f910c6b373fe5bda285f
crc32: F2FCF385
md5: 6d6fed620506b99eec0705d0dc780e90
sha1: c95d25b5265b227fb22435892eb1727c4cfd1d57
sha256: 2b6940448165dc7f55009a8861b192a64407b6ac1c75f910c6b373fe5bda285f
sha512: ab28b8b0d12f0c47c1d6cdb6050e9dffcc6549d59138e4d510e76f9bd90cfe67a3ed832046310f3c34fe8eed393cd86bea3d78c50d6849a8d7d757c98f0b4c15
ssdeep: 98304:i1sF/rF9u0XBqVZFvSbNbpjoTKsDwWPCJ0mnlIfI6KC7fyb2vEmVgKTYL:iOz3uesjFvSbNbVuxw2EZnwIi2Kg2Y
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11D5623F31270D10BE3D0CC7D8637BEB531F61A634E826879A5AA79C51933A70E612973
sha3_384: 8d151c6d313190b687589395204e80f3e70c42fd2a4559673036d3aff688b834fd0a001b2da3596c5a9112231876bc3b
ep_bytes: 681182343ee8b44416008b4704c0fdc1
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: PROradius
FileDescription: PROradius
FileVersion: 1.6.0.0
InternalName: PROradius.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: PROradius.exe
ProductName: PROradius Safe
ProductVersion: 1.6.0.0
Assembly Version: 1.6.0.0
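
The script below is an added worked example (not GridinSoft's or CAPE's code) that reproduces the checks behind the File Info and Version Info sections with only the Python standard library. It hashes a file, compares the digests with the md5/sha1/sha256 listed above, and reads the compile timestamp and section table directly from the PE headers with struct, so that a 2012 linker timestamp under a 2021 copyright, a non-standard section name, or a section that is readable, writable and executable is visible without a sandbox. When run without a path it builds a constructed header-only PE in memory; the ".pack0" section name in that sample is made up for the demonstration and is not taken from the real binary.

```python
"""Offline PE triage: hash a file, match the digests against the indicators
listed above, and read the compile timestamp and section table from the PE
headers. Added example; assumes nothing beyond the Python standard library."""
import hashlib
import json
import struct
import sys
import zlib
from datetime import datetime, timezone

# Digests copied from the File Info section above.
PAGE_IOCS = {
    "md5": "6d6fed620506b99eec0705d0dc780e90",
    "sha1": "c95d25b5265b227fb22435892eb1727c4cfd1d57",
    "sha256": "2b6940448165dc7f55009a8861b192a64407b6ac1c75f910c6b373fe5bda285f",
}

# Section names normal linkers emit; anything else backs a "packed" verdict.
COMMON_SECTIONS = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc",
                   ".reloc", ".bss", ".tls", ".pdata", ".CRT"}

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE


def hash_bytes(data: bytes) -> dict:
    """Same digest set the page lists; crc32 as upper-case hex like the page."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_page_iocs(digests: dict) -> list:
    """Names of the page's digests that this file matches (empty = no match)."""
    return [k for k, v in PAGE_IOCS.items() if digests.get(k) == v]


def pe_summary(data: bytes) -> dict:
    """Parse the COFF file header and section headers; no third-party parser."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsect, stamp, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    sect_off = pe_off + 24 + opt_size          # 4-byte signature + 20-byte header
    sections = []
    for i in range(nsect):
        hdr = struct.unpack_from("<8sIIIIIIHHI", data, sect_off + 40 * i)
        sections.append((hdr[0].rstrip(b"\0").decode("latin-1"), hdr[9]))
    compiled = datetime.fromtimestamp(stamp, timezone.utc)
    return {
        "machine": hex(machine),               # 0x14c = i386, as in "Intel 80386"
        "compile_time": compiled.strftime("%Y-%m-%d %H:%M:%S"),
        "sections": [n for n, _ in sections],
        "unusual_sections": [n for n, _ in sections if n not in COMMON_SECTIONS],
        "rwx_sections": [n for n, c in sections if c & RWX == RWX],
    }


def triage(data: bytes) -> dict:
    """Everything a first pass needs: digests, IOC hits and PE header facts."""
    digests = hash_bytes(data)
    return {"hashes": digests, "ioc_matches": matches_page_iocs(digests),
            "pe": pe_summary(data)}


def build_sample_pe(stamp: int, sections) -> bytes:
    """Constructed header-only PE (no code) so the script runs offline."""
    pe_off, opt_size = 0x80, 224                # 224 = PE32 optional header size
    buf = bytearray(b"MZ" + b"\0" * (pe_off - 2))
    struct.pack_into("<I", buf, 0x3C, pe_off)
    buf += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), stamp,
                                   0, 0, opt_size, 0x0102)
    buf += b"\0" * opt_size
    for name, chars in sections:
        buf += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                           0x1000, 0x1000, 0x200, 0x400, 0, 0, 0, 0, chars)
    return bytes(buf)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:  # no path given: constructed sample; ".pack0" is a made-up section name
        blob = build_sample_pe(1342219636, [
            (".text", IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
            (".pack0", RWX),
        ])
    print(json.dumps(triage(blob), indent=2))
```

Run it as `python3 triage.py <file>` on a suspect binary. It deliberately stops at the section table: it does not verify the Authenticode signature, detect the CLR header, or unpack VMProtect, so treat its output as the first pass before a sandbox run, not a replacement for one.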

Malware.AI.369994353 also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Zusy.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47248451
FireEye: Generic.mg.6d6fed620506b99e
McAfee: Artemis!6D6FED620506
Malwarebytes: Malware.AI.369994353
Zillya: Trojan.Keylogger.Win32.57
K7AntiVirus: Trojan ( 0056e6811 )
Alibaba: TrojanSpy:MSIL/Keylogger.30b3a3cf
K7GW: Trojan ( 0056e6811 )
Cybereason: malicious.5265b2
BitDefenderTheta: Gen:NN.ZexaF.34294.@B0@aqXaIzk
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002C0RJR21
Paloalto: generic.ml
Kaspersky: Trojan-Spy.MSIL.Keylogger.dfki
BitDefender: Trojan.GenericKD.47248451
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.47248451
Emsisoft: Trojan.GenericKD.47248451 (B)
TrendMicro: TROJ_GEN.R002C0RJR21
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
SentinelOne: Static AI – Malicious PE
Sophos: Mal/Generic-R + Mal/VMProtBad-A
APEX: Malicious
GData: Trojan.GenericKD.47248451
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: HackTool/Win32.Agent.R342140
VBA32: TScope.Malware-Cryptor.SB
ALYac: Trojan.GenericKD.47248451
MAX: malware (ai score=85)
Cylance: Unsafe
Rising: Trojan.Generic@ML.99 (RDMK:2zIaWEfBsFJMNuN/0bjdJw)
Yandex: Trojan.GenAsa!u0gH+a0TujA
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.122321452.susgen
Fortinet: W32/VMProtect.JG!tr
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.369994353?

Malware.AI.369994353 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the browser and options you want, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.