
About “Malware.AI.3761149585” infection

Malware.AI.3761149585 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.3761149585 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • CAPE detected the AgentTeslaV3 malware family
  • Creates a copy of itself

How to determine Malware.AI.3761149585?


File Info:

name: 3777E0AD64F33A59DDB8.mlw
path: /opt/CAPEv2/storage/binaries/270a05c013c1ee52a4b2f04ea3e980b080e846080cd852a250ebf2064c048f62
crc32: 5D8878FE
md5: 3777e0ad64f33a59ddb850c6652f2e3f
sha1: de8188666a7ff7a3e8f6bfe9d278b978cd518cd2
sha256: 270a05c013c1ee52a4b2f04ea3e980b080e846080cd852a250ebf2064c048f62
sha512: 57639ef24207d1a871cb2dfdbfeaed2b4cb4f2f6d28ddca33d7f87907e4e03ea8191c06ae5783c137e83addb8cd9cee959e17d96be1c05efdb977d3f5fe8b289
ssdeep: 6144:Gwsmy7SI+CVEBn/9nIFRMqkFcKCKkddOsUidSpSWfQJgcz71gmNg:iH+CuV/RlF8vddOstdzWfQBpDC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14B74D091F595CCE6E85616F14C6FDC2021B3A64EE471461F219A3F3EAAB334310B7A4B
sha3_384: 6dd67ebc9e5c384ba312b6233257efb47e0bf61f5bc92da2a0c6bb7ae690ab201c675745767765cbaf8642125d543d75
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2008-10-10 21:48:57

Version Info:

0: [No Data]

Malware.AI.3761149585 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Trojan.GenericKDZ.83017
FireEye: Dropped:Trojan.GenericKDZ.83017
CAT-QuickHeal: Trojan.Spynoon
McAfee: Artemis!3777E0AD64F3
Malwarebytes: Malware.AI.3761149585
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Application/ObfusInjector.177cbc48
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Injector.ATR.gen!Eldorado
Symantec: Packed.Generic.606
ESET-NOD32: MSIL/Spy.AgentTesla.C
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Dropped:Trojan.GenericKDZ.83017
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan-qqpass.Qqrob.Lkdz
Ad-Aware: Dropped:Trojan.GenericKDZ.83017
Emsisoft: Dropped:Trojan.GenericKDZ.83017 (B)
Comodo: Malware@#y43zd4hzh6dh
DrWeb: Trojan.Inject4.24934
TrendMicro: TROJ_GEN.R03FC0DAT22
McAfee-GW-Edition: Dropper-FYZ!5F82ED71A248
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Dropped:Trojan.GenericKDZ.83017
Avira: TR/AgentTesla.roatu
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D14449
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Tnega!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.DarkStealer.C4909643
BitDefenderTheta: Gen:NN.ZedlaF.34212.bq4@aOPzPBei
ALYac: Dropped:Trojan.GenericKDZ.83017
MAX: malware (ai score=82)
VBA32: TrojanPSW.Agensla
TrendMicro-HouseCall: TROJ_GEN.R03FC0DAT22
Rising: Trojan.Injector!8.C4 (TFE:dGZlOgU9O2klXVv1GA)
Ikarus: Trojan.NSIS.Agent
Fortinet: W32/Kryptik.S!tr
AVG: Win32:PWSX-gen [Trj]
Cybereason: malicious.d64f33
Panda: Trj/CI.A

How to remove Malware.AI.3761149585?

Malware.AI.3761149585 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.