Malware.AI.3707935629 removal

Malware.AI.3707935629 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3707935629 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.3707935629?


File Info:

name: 6A60B2053D4DFB6F7D7B.mlw
path: /opt/CAPEv2/storage/binaries/c0d070bfe780378045d936af82fc6d160b3e155b9b3816094ce252a3b12c6dc3
crc32: 1983AF56
md5: 6a60b2053d4dfb6f7d7b5f7f86820c52
sha1: 6bc71c45ef7bc7bdef62f066bf79e6eb4e44e35b
sha256: c0d070bfe780378045d936af82fc6d160b3e155b9b3816094ce252a3b12c6dc3
sha512: ab66ca3abafcc4549ee0fb22e571850226c412acdd419e5caa09f3a2ec1ecdc34f0f43603199810eaefc34df664f4b56131a2c27e6e21a22cc8e2f5334e7ce23
ssdeep: 3072:5lc4BfDsLg1EjFpUIVMUJfp6OgQqtPMxOJu0eiM8uX6UCpY:XpfDss1EFpiKQOgQqtIOJheiM8g6T
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6E3AEA138B5C45BE49342F401FBA359AD3EBE7C4E10350B8BCE2D6F25DA521EF64819
sha3_384: 31fefbce5001c1ab5ac94134c1d4da0b4b54c8af69f4d304c110bbf2ed9ddd61b0df49dac33c9525970199101d5ba01b
ep_bytes: e8ed050000000000007300334f006976
timestamp: 2009-11-03 05:53:18

Version Info:

CompanyName: CJSC Computing Forces
FileDescription: Nice Wares
FileVersion: 5.3.15.0
InternalName: Nice Wares.exe
LegalCopyright: Nice Wares
OriginalFilename: NWares.exe
ProductName: NWares Inc.
ProductVersion: 5.3.15.0
Translation: 0x0409 0x04b0

Malware.AI.3707935629 also known as:

Bkav: W32.Common.983BF893
Lionic: Hacktool.Win32.Katusha.liJl
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Kazy.865
FireEye: Generic.mg.6a60b2053d4dfb6f
McAfee: Downloader-CEW.o
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 001c56291 )
Alibaba: Packed:Win32/Katusha.cdf0fb8c
K7GW: Trojan-Downloader ( 001c56291 )
Cybereason: malicious.53d4df
BitDefenderTheta: Gen:NN.ZexaF.34606.jy0@a4UJzDdk
VirIT: Trojan.Win32.FakeAV.FFT
Cyren: W32/FakeAlert.II.gen!Eldorado
Symantec: Trojan.FakeAV!gen29
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.FakeAlert.BBT
TrendMicro-HouseCall: TROJ_FAKEAV.SM1
Paloalto: generic.ml
ClamAV: Win.Trojan.Fraudpack-4743
Kaspersky: Packed.Win32.Katusha.o
BitDefender: Gen:Variant.Kazy.865
NANO-Antivirus: Trojan.Win32.TrjGen.bkwcx
ViRobot: Trojan.Win32.Downloader.147456.CZ
Avast: Win32:MalOb-BX [Cryp]
Rising: Downloader.FakeAlert!8.4FF (CLOUD)
Ad-Aware: Gen:Variant.Kazy.865
Emsisoft: Gen:Variant.Kazy.865 (B)
Comodo: MalCrypt.Indus!@1qrzi1
DrWeb: Trojan.Siggen2.7554
Zillya: Trojan.FakeAV.Win32.32897
TrendMicro: TROJ_FAKEAV.SM1
McAfee-GW-Edition: Downloader-CEW.o
SentinelOne: Static AI – Malicious PE
Sophos: Mal/Generic-R + Mal/FakeAV-CS
APEX: Malicious
GData: Gen:Variant.Kazy.865
Jiangmin: TrojanDownloader.CodecPack.app
Webroot: W32.Malware.Downloader
Avira: TR/Fraudpack.kva.94
Arcabit: Trojan.Kazy.865
SUPERAntiSpyware: Trojan.Agent/Gen-Deskryp
ZoneAlarm: Packed.Win32.Katusha.o
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Renos.R2040
VBA32: Malware-Cryptor.Grygoryi.3
ALYac: Gen:Variant.Kazy.865
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.3707935629
Tencent: Malware.Win32.Gencirc.10baa3f4
Yandex: Trojan.Codecpack.Gen.11
Ikarus: Trojan-Downloader.Win32.Renos
Fortinet: W32/Katusha.N!tr
AVG: Win32:MalOb-BX [Cryp]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.3707935629?

Malware.AI.3707935629 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
