Should I remove “Malware.AI.3773770685”?

Malware.AI.3773770685 is the Malwarebytes detection name for a sample that many antivirus vendors flag as malicious (see the list of alternative names below). The CAPE sandbox attributes it to the AgentTeslaV2 family, a .NET information stealer that harvests stored credentials. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3773770685 virus do?

The following signatures were raised when the sample was executed in the CAPE sandbox:

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the AgentTeslaV2 malware family
  • Checks the version of Bios, possibly for anti-virtualization
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key
  • Detects VMware through the presence of a registry key
  • Accessed credential storage registry keys
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
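The anti-virtualization signatures above fire because the sample reads a handful of well-known registry locations before deciding whether to run. The following Python is an added example, not code from the page, from CAPE or from the sample: it classifies registry-access events, constructed here in a minimal Procmon-style "process|operation|key" form, and flags any process that probes several of those locations. The key list and the threshold are my assumptions about what the sandbox signatures cover.

```python
"""Flag anti-virtualization registry probes in registry-access events.

Added example, not code from the page, from CAPE or from the sample. The key
list below reflects well-known anti-VM locations (an assumption about which
locations the sandbox signatures cover); the events are constructed, not
captured from the sample.
"""

# Registry locations commonly probed by anti-VM code, lower-cased for matching.
ANTI_VM_KEYS = {
    r"hklm\hardware\description\system\systembiosversion": "BIOS version check",
    r"hklm\hardware\description\system\videobiosversion": "BIOS version check",
    r"hklm\system\currentcontrolset\services\disk\enum": "disk drive enumeration",
    r"hklm\software\oracle\virtualbox guest additions": "VirtualBox key probe",
    r"hklm\software\vmware, inc.\vmware tools": "VMware key probe",
}

# Constructed events in "process|operation|key" form (assumption: a minimal
# Procmon-style export). The process name is the InternalName from the
# sample's version info; the explorer.exe line is benign noise.
SAMPLE_EVENTS = [
    r"QOVrRGgfJjfDSERA.exe|RegQueryValue|HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion",
    r"QOVrRGgfJjfDSERA.exe|RegOpenKey|HKLM\SOFTWARE\Oracle\VirtualBox Guest Additions",
    r"QOVrRGgfJjfDSERA.exe|RegOpenKey|HKLM\SOFTWARE\VMware, Inc.\VMware Tools",
    r"QOVrRGgfJjfDSERA.exe|RegEnumKey|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disk\Enum\0",
    r"explorer.exe|RegQueryValue|HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
]


def normalize_key(path: str) -> str:
    """Lower-case the path and shorten long hive names so both spellings match."""
    return (path.strip().lower()
            .replace("hkey_local_machine", "hklm")
            .replace("hkey_current_user", "hkcu"))


def classify_event(line: str):
    """Return (process, probe label) if the event touches an anti-VM key, else None.
    Subkeys and values under a listed key (e.g. ...\\Disk\\Enum\\0) also match."""
    parts = line.split("|", 2)
    if len(parts) != 3:
        return None  # malformed line: skip it rather than abort the whole pass
    proc, _op, key = parts
    key = normalize_key(key)
    for probe, label in ANTI_VM_KEYS.items():
        if key == probe or key.startswith(probe + "\\"):
            return proc, label
    return None


def score_processes(events, threshold: int = 2) -> dict:
    """Collect distinct probe types per process and report those at or above
    the threshold. A single BIOS query is common in legitimate inventory
    software; several different probes from one process is the anti-VM pattern."""
    hits = {}
    for line in events:
        found = classify_event(line)
        if found:
            proc, label = found
            hits.setdefault(proc, set()).add(label)
    return {proc: sorted(labels) for proc, labels in hits.items()
            if len(labels) >= threshold}


if __name__ == "__main__":
    for proc, probes in score_processes(SAMPLE_EVENTS).items():
        print(f"{proc}: anti-VM probes -> {', '.join(probes)}")
```

Run against the constructed events, only QOVrRGgfJjfDSERA.exe is reported, with four distinct probe types; explorer.exe never touches a listed key. Raising the threshold trades missed detections for fewer false positives on asset-inventory agents that legitimately read the BIOS version.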

How to identify Malware.AI.3773770685?

File Info:

name: F8292B6A68B76625E921.mlw
path: /opt/CAPEv2/storage/binaries/dba18c9e1704591fe1a96b251fdeb88e3b9d73acc49b2269dbb05f1ad065fa03
crc32: B00F92FF
md5: f8292b6a68b76625e921d04c9dbd9b30
sha1: 7be7f73af660fc64923c3518356eea6fce39324d
sha256: dba18c9e1704591fe1a96b251fdeb88e3b9d73acc49b2269dbb05f1ad065fa03
sha512: de3ac584e290b42b53282953fbd21fb9937f582d59ed855034591c2d3784621ff751cfe5b3464bcf26b506e28b668d53fd2e9deff967a86ddb69c13d218a6e78
ssdeep: 12288:UjlCd53divMux5VPBv2QmAOhI+sSGXwYSKM4AeP4gF3FFYcebLRpjq/:g+fiv9vb+bKMbgF3FHmLRZO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15EC4D07E7FF90C67CDA442FCC4802441DFB7906D619EE6DA0CD1A4DEA6C8B4A4A87943
sha3_384: 13c68796823a76cd7be1ceede05129a46eeeea7c62edf446ca887cdd8caa123dab164c71e1ab26d62377cb74f81f5735
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-04-21 08:28:10
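Confirming that you are looking at the same file means recomputing these hashes rather than trusting the filename, which the sample randomizes (compare the .mlw name above with the InternalName in the version info). The Python below is an added example, not code from the page or from CAPE: it computes the standard-library members of the hash set listed above (ssdeep and TLSH need the python-ssdeep and py-tlsh packages and are left out) and compares them with the published values. PAGE_IOCS is copied from the File Info block.

```python
"""Recompute the File Info hashes for a file and compare them with published IOCs.

Added example, not code from the page or from CAPE. ssdeep and TLSH require
third-party packages and are omitted; everything here is standard library.
"""
import hashlib
import zlib

# Values copied from the File Info block on the page, used as the IOC set.
PAGE_IOCS = {
    "crc32": "B00F92FF",
    "md5": "f8292b6a68b76625e921d04c9dbd9b30",
    "sha1": "7be7f73af660fc64923c3518356eea6fce39324d",
    "sha256": "dba18c9e1704591fe1a96b251fdeb88e3b9d73acc49b2269dbb05f1ad065fa03",
}

HASH_NAMES = ("md5", "sha1", "sha256", "sha512", "sha3_384")


def fingerprint(data: bytes) -> dict:
    """Return the report's hash set (minus ssdeep/tlsh) for an in-memory buffer.
    crc32 is rendered as 8 upper-case hex digits, matching the report's format."""
    out = {name: hashlib.new(name, data).hexdigest() for name in HASH_NAMES}
    out["crc32"] = f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"
    return out


def fingerprint_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Streamed variant of fingerprint() for files too large to read at once."""
    hashers = {name: hashlib.new(name) for name in HASH_NAMES}
    crc = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            crc = zlib.crc32(chunk, crc)
            for h in hashers.values():
                h.update(chunk)
    out = {name: h.hexdigest() for name, h in hashers.items()}
    out["crc32"] = f"{crc & 0xFFFFFFFF:08X}"
    return out


def matches_iocs(fp: dict, iocs: dict) -> bool:
    """True only if every published hash equals the computed one (case-insensitive).
    A single mismatching hash means it is not the same file, whatever the name says."""
    return all(fp.get(name, "").lower() == value.lower() for name, value in iocs.items())


if __name__ == "__main__":
    import sys
    fp = fingerprint_file(sys.argv[1])
    for name in ("crc32", *HASH_NAMES):
        print(f"{name}: {fp[name]}")
    print("matches published IOCs:", matches_iocs(fp, PAGE_IOCS))
```

Exact hashes only identify this one build; a repacked Agent Tesla variant will miss every entry in PAGE_IOCS. That is what the ssdeep and TLSH values in the report are for, and why the .NET obfuscation and invalid Authenticode signature noted above matter more than any single hash.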

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: QOVrRGgfJjfDSERA.exe
LegalCopyright:
OriginalFilename: QOVrRGgfJjfDSERA.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.3773770685 is the Malwarebytes name for this sample; other vendors detect it as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.MSIL.Agensla.i!c
DrWeb: Trojan.PackedNET.964
MicroWorld-eScan: Trojan.GenericKDZ.66663
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
Skyhigh: BehavesLike.Win32.Generic.hc
McAfee: GenericRXKI-TO!F8292B6A68B7
Cylance: unsafe
Zillya: Trojan.Kryptik.Win32.1989989
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
Alibaba: TrojanPSW:MSIL/Agensla.7b5173e3
K7GW: Trojan ( 700000121 )
Cybereason: malicious.af660f
Arcabit: Trojan.Generic.D10467
BitDefenderTheta: Gen:NN.ZemsilF.36680.Im0@aGO8IIo
VirIT: Trojan.Win32.PSWStealer.CDJ
Symantec: Trojan.Gen.2
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.XOY
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.GenericKDZ.66663
Avast: Win32:PWSX-gen [Trj]
Tencent: Msil.Trojan-QQPass.QQRob.Gmnw
Emsisoft: Trojan.GenericKDZ.66663 (B)
F-Secure: Heuristic.HEUR/AGEN.1329703
VIPRE: Trojan.GenericKDZ.66663
Sophos: Troj/MSIL-SSP
Ikarus: Trojan.MSIL.Crypt
Jiangmin: Trojan.PSW.MSIL.xbr
Varist: W32/MSIL_Troj.UB.gen!Eldorado
Avira: HEUR/AGEN.1329703
Antiy-AVL: Trojan/Win32.Wacatac
Kingsoft: malware.kb.c.1000
Xcitium: Malware@#tybu5pymphxi
Microsoft: Trojan:Win32/Ashify.J!ibt
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
GData: Trojan.GenericKDZ.66663
Google: Detected
AhnLab-V3: Trojan/Win32.Lokibot.R333682
Malwarebytes: Malware.AI.3773770685
Panda: Trj/GdSda.A
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:/LhtAm5d5xbocWoXOEmfqA)
Yandex: Trojan.Igent.bTA8Tj.55
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.74499699.susgen
Fortinet: MSIL/GenKryptik.EIVY!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3773770685?

Malware.AI.3773770685 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Because the sample accesses stored credentials (see the behaviours listed above), change any passwords saved in browsers and e-mail clients on the affected machine after removal, and treat them as exposed.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.