Malware.AI.3717045262 removal tips

Malware.AI.3717045262 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3717045262 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality

How to identify Malware.AI.3717045262?


File Info:

name: FAA4C8C4E4B1B44AB63D.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-03-21 10:26:43

Version Info:

0: [No Data]

Malware.AI.3717045262 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Malicious.4!c
MicroWorld-eScan: Trojan.GenericKD.31976269
FireEye: Generic.mg.faa4c8c4e4b1b44a
ALYac: Trojan.GenericKD.31976269
Cylance: Unsafe
Zillya: Trojan.Diztakun.Win32.4021
Sangfor: Trojan.Win32.BAT2EXE.C
K7AntiVirus: Trojan ( 0051918e1 )
Alibaba: Packed:Win32/BScope.918b7dbb
K7GW: Trojan ( 0051918e1 )
Cybereason: malicious.4e4b1b
Cyren: W32/Zbot.AK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.BAT2EXE.C suspicious
APEX: Malicious
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.31976269
NANO-Antivirus: Trojan.Win32.PsDownload.ezckkt
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10b3d2ef
Ad-Aware: Trojan.GenericKD.31976269
Sophos: Mal/Generic-S
DrWeb: Trojan.DownLoader34.39812
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.lc
Emsisoft: Trojan.GenericKD.31976269 (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.31976269
Jiangmin: TrojanDownloader.PsDownload.ca
Webroot: W32.Adware.Gen
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.2537CE4
Microsoft: Ransom:Win32/Aicat.A!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!FAA4C8C4E4B1
MAX: malware (ai score=100)
VBA32: BScope.TrojanDownloader.PsDownload
Malwarebytes: Malware.AI.3717045262
Ikarus: PUA.BAT2EXE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Application
BitDefenderTheta: Gen:NN.ZexaF.34062.bmHfaSy4GVhi
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Malware.AI.3717045262?

Malware.AI.3717045262 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.