Malware.AI.3705387239 malicious file

The Malware.AI.3705387239 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3705387239 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Malware.AI.3705387239?


File Info:
name: DFBA89DF8D4AEADF2B01.mlw
path: /opt/CAPEv2/storage/binaries/16945438123dc6504387daf576b9f6a5986b1b609b41d87ab679ad9186d4fb4c
crc32: DD9FDF4E
md5: dfba89df8d4aeadf2b0151706c4a4288
sha1: 282795c3dfcb71ef47b4bd91db8c551044d81f17
sha256: 16945438123dc6504387daf576b9f6a5986b1b609b41d87ab679ad9186d4fb4c
sha512: 0ea51987bae34548d5b8d2c77d82ca78c4f39341196900c5d27c803cb796e7edf3cb3fc75e92203d4434f6e29f68d131c7d7de319b6ae1037c4a8370c2542a0b
ssdeep: 384:7cB6bAp6eYhjSXyv/kW9T0jK05kIcfaHwWcTdW:yvrYcXG9T05kI78
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CA82C45067F1407EEABB8F358DB3269055B1A60B3505CF4B0C91228B4E33FA4DD92FA6
sha3_384: b7f07fd2af026f404fdc3f20e7e2537a3385821ebaae40c9fe51a489693283ad9ba821c9ff942a0b9293dabda91303a4
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-04-01 22:04:14

Version Info:
Translation: 0x0000 0x04b0
Comments: Host Process for Windows Services
CompanyName: Microsoft® Windows® Operating System
FileDescription: Microsoft® Windows® Operating System
FileVersion: 4.2.7.3
InternalName: svchost.exe
LegalCopyright: ®Microsoft Corporation. All rights reserved.
LegalTrademarks: ®Microsoft Corporation
OriginalFilename: svchost.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 4.2.7.3
Assembly Version: 4.2.7.3

Malware.AI.3705387239 also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	IL:Trojan.MSILMamut.273
FireEye	Generic.mg.dfba89df8d4aeadf
ALYac	IL:Trojan.MSILMamut.273
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
BitDefender	IL:Trojan.MSILMamut.273
Cybereason	malicious.f8d4ae
Arcabit	IL:Trojan.MSILMamut.273
BitDefenderTheta	Gen:NN.ZemsilF.34726.bm0@aCRzSib
Cyren	W32/Trojan.DIS.gen!Eldorado
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/ClipBanker.MO
APEX	Malicious
ClamAV	Win.Packed.Clipbanker-9776642-0
Kaspersky	HEUR:Trojan.Win32.Generic
Cynet	Malicious (score: 99)
Ad-Aware	IL:Trojan.MSILMamut.273
Emsisoft	IL:Trojan.MSILMamut.273 (B)
DrWeb	Trojan.ClipBankerNET.7
VIPRE	IL:Trojan.MSILMamut.273
McAfee-GW-Edition	ClipBanker-FCNX!DFBA89DF8D4A
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.ClipBanker
Avira	HEUR/AGEN.1202562
MAX	malware (ai score=85)
Microsoft	Trojan:MSIL/ClipBanker.GG!MTB
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	MSIL.Trojan-Stealer.ClipBanker.H
Google	Detected
AhnLab-V3	Malware/Win32.RL_Trojanspy.C4071344
Acronis	suspicious
McAfee	ClipBanker-FCNX!DFBA89DF8D4A
VBA32	CIL.StupidStealth.Heur
Malwarebytes	Malware.AI.3705387239
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/ClipBanker.MZ!tr
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.3705387239?

Malware.AI.3705387239 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X