How to remove “Malware.AI.3709865787”?

The Malware.AI.3709865787 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3709865787 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.3709865787?


File Info:
name: 312AB7AC345852D41AB0.mlw
path: /opt/CAPEv2/storage/binaries/f36b06d0ffc2e4bd5c9acab8837741ff7b6c1a10b0b93abbef0c005fa852f374
crc32: 39242871
md5: 312ab7ac345852d41ab054680b6bce5d
sha1: 101e3f055344e0490caef0d3c6db6c65ef86e879
sha256: f36b06d0ffc2e4bd5c9acab8837741ff7b6c1a10b0b93abbef0c005fa852f374
sha512: 5fbe5a3717dfacc426463d04346981f4f6c6d08cd5c6a7c10638f23d8cd0516dcabc74c08ec52df0d3cae7170e434131fcef5c1d3391731ca8b207a4a53affc6
ssdeep: 96:gKwumnRDX689+fgTyVJmQNgV9eDV9aqrTwu9vIuS6lnUCJg:gKwjFAgWrxNScrvI0lnfg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T119425CEEB3081867DB5B03379AC15122B0B6C314566F7944364C269FEEA1A783225F75
sha3_384: 5d58fb2bbbec67f8c445809c56a95ce9db14c9465844bf509e27d977ff678dcb31a7b8742783a7097fb1451b17c3e263
ep_bytes: 60be00a040008dbe0070ffff57eb0b90
timestamp: 2011-12-20 01:12:02

Version Info:
0: [No Data]

Malware.AI.3709865787 also known as:

Elastic	malicious (moderate confidence)
Cynet	Malicious (score: 100)
McAfee	Artemis!312AB7AC3458
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	AI:Packer.85BE5BB41C
Symantec	ML.Attribute.HighConfidence
BitDefender	Gen:Trojan.Heur.amW@!BgXE3ki
MicroWorld-eScan	Gen:Trojan.Heur.amW@!BgXE3ki
Avast	Win32:Malware-gen
Ad-Aware	Gen:Trojan.Heur.amW@!BgXE3ki
Sophos	Generic ML PUA (PUA)
VIPRE	Gen:Trojan.Heur.amW@!BgXE3ki
SentinelOne	Static AI – Suspicious PE
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.312ab7ac345852d4
Emsisoft	Gen:Trojan.Heur.amW@!BgXE3ki (B)
APEX	Malicious
Avira	HEUR/AGEN.1234327
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Trojan.Heur.amW@!BgXE3ki
Google	Detected
AhnLab-V3	Spyware/Win32.Generic.C3355588
ALYac	Gen:Trojan.Heur.amW@!BgXE3ki
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.3709865787
Ikarus	Trojan-GameThief.Win32.Nilage
AVG	Win32:Malware-gen
Cybereason	malicious.c34585

How to remove Malware.AI.3709865787?

Malware.AI.3709865787 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X