Malware.AI.3721961547 removal guide

Malware.AI.3721961547 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3721961547 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Manipulates data from or to the Recycle Bin
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify desktop wallpaper
  • Installs itself for autorun at Windows startup

How to identify Malware.AI.3721961547?


File Info:

name: 6CB710E9D70CA096C4E7.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-05-02 16:48:32

Version Info:

FileDescription: Nests Basses Aopen Performance
LegalTrademarks: Twitter Inc. Copyright 2015
Languages: English
FileVersion: 6.9.6.4
CompanyName: Twitter Inc.
InternalName: Pimp
LegalCopyright: Twitter Inc. Copyright 2015
ProductName: Pimp
PrivateBuild: 6.9.6.4
Comments: Nests Basses Aopen Performance
ProductVersion: 6.9.6.4
Translation: 0x0409 0x04b0

Malware.AI.3721961547 also known as:

Lionic: Trojan.Win32.Foreign.4!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.6cb710e9d70ca096
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0052ffb81 )
Alibaba: Ransom:Win32/Foreign.d47d29a9
K7GW: Trojan ( 0052ffb81 )
Cybereason: malicious.967977
BitDefenderTheta: Gen:NN.ZexaE.34212.hr0@a0QkGVli
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GKVO
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.Foreign.nzvp
NANO-Antivirus: Trojan.Win32.Kryptik.fbdwai
Tencent: Win32.Trojan.Foreign.Wskl
Sophos: Mal/Generic-S
Comodo: Malware@#1mp8h6pya6gv6
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Paloalto: generic.ml
GData: Win32.Trojan.Agent.4KLNVM
Jiangmin: Trojan.Foreign.fbz
Avira: HEUR/AGEN.1242900
Gridinsoft: Ransom.Win32.Occamy.sa
Microsoft: Trojan:Win32/Occamy.C0E
TACHYON: Ransom/W32.Foreign.1168384
Acronis: suspicious
McAfee: Artemis!6CB710E9D70C
MAX: malware (ai score=98)
Malwarebytes: Malware.AI.3721961547
TrendMicro-HouseCall: TROJ_GEN.R002H0CB522
Rising: Ransom.Foreign!8.292 (CLOUD)
Yandex: Trojan.Foreign!DQo7hWUDAko
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/GenKryptik.BYTM!tr
AVG: Win32:Malware-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3721961547?

Malware.AI.3721961547 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
