How to remove “Malware.AI.3775605079”?

Malware.AI.3775605079 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3775605079 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Collects information to fingerprint the system

How to identify Malware.AI.3775605079?

File Info:

name: E7D867C308006DDB53DD.mlw
path: /opt/CAPEv2/storage/binaries/cd1ae516008f0442412a80a1b8c4418584afab30730b047fae34734a8c869705
crc32: C355CD3E
md5: e7d867c308006ddb53ddb16ed5fc4368
sha1: 765a5fdea97337c689e34f5cc318706929e6e162
sha256: cd1ae516008f0442412a80a1b8c4418584afab30730b047fae34734a8c869705
sha512: 6d8e248b4be69ff2a05a584457ef885cf332dc9a05ce6c07a86df8e675042fd49f74e44e81eeea1a303e5b77cc585a44416ed33e636be80ea88c71b1bb29f629
ssdeep: 3072:BiIV6FHryMYqZgnoj+hY30FX2Hr6VHqyCXFVHRMh7gdBscNv1JRh9F83outMu:BvV6FHry5W++wEr2tyssdyYv1jF83oSl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12E141306DD12A6A3FCE7777931556662C1A1D040A8C4C369F6DC6097ECA374D29ECC17
sha3_384: 4bab68b4b8c796440b15e35e0c5d4e31763af0e1b8aa4bf3bb0742e24286bf6bb81abc11917f9fab67e56bd824412766
ep_bytes: 60be002042008dbe00f0fdff5789e58d
timestamp: 2011-05-11 15:51:47

Version Info:

CompanyName: Quick Heal Technologies (P) Ltd.
FileDescription: Quick Heal AntiMalware
FileVersion: 6.0.0.1
InternalName: asmain.exe
LegalCopyright: © Quick Heal Technologies (P) Ltd. All rights reserved.
OriginalFilename: asmain.exe
ProductName: Quick Heal AntiVirus
ProductVersion: 13.00
Translation: 0x0409 0x04e4

Malware.AI.3775605079 is also known as (vendor: detection name):

  • Bkav: W32.AIDetect.malware2
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Zusy.641
  • FireEye: Generic.mg.e7d867c308006ddb
  • CAT-QuickHeal: TrojanPWS.Zbot.Y
  • McAfee: Artemis!E7D867C30800
  • Cylance: Unsafe
  • Zillya: Trojan.Kryptik.Win32.208676
  • CrowdStrike: win/malicious_confidence_90% (W)
  • Alibaba: TrojanPSW:Win32/Kryptik.d579ca1b
  • K7GW: Password-Stealer ( 003c6e581 )
  • K7AntiVirus: Password-Stealer ( 003c6e581 )
  • VirIT: Trojan.Win32.Generic.BIOY
  • Cyren: W32/Zbot.DD.gen!Eldorado
  • Symantec: Packed.Generic.350
  • ESET-NOD32: a variant of Win32/Kryptik.AAAB
  • APEX: Malicious
  • Paloalto: generic.ml
  • Cynet: Malicious (score: 100)
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • BitDefender: Gen:Variant.Zusy.641
  • NANO-Antivirus: Trojan.Win32.Panda.lskmt
  • Avast: Win32:Kryptik-HES [Trj]
  • Tencent: Malware.Win32.Gencirc.114915b5
  • Ad-Aware: Gen:Variant.Zusy.641
  • Sophos: Mal/Generic-R + Mal/Zbot-EZ
  • Comodo: TrojWare.Win32.Kryptik.ZSAA@4mdv0b
  • DrWeb: Trojan.PWS.Panda.655
  • VIPRE: Trojan.Win32.Reveto.D (v)
  • TrendMicro: TSPY_ZBOT.LEX
  • McAfee-GW-Edition: BehavesLike.Win32.Spyware.cc
  • Emsisoft: Gen:Variant.Zusy.641 (B)
  • SentinelOne: Static AI – Malicious PE
  • GData: Gen:Variant.Zusy.641
  • Jiangmin: Trojan/Generic.voyc
  • Webroot: W32.InfoStealer.Zeus
  • Avira: TR/Crypt.ULPM.Gen
  • MAX: malware (ai score=99)
  • Antiy-AVL: Trojan/Generic.ASMalwS.3AA91B
  • Kingsoft: Win32.Troj.Undef.(kcloud)
  • Arcabit: Trojan.Zusy.641
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • Microsoft: Trojan:Win32/Zbot.SIBE15!MTB
  • AhnLab-V3: Trojan/Win32.Menti.R20280
  • Acronis: suspicious
  • BitDefenderTheta: Gen:NN.ZexaF.34212.lm1@amKOY1mi
  • ALYac: Gen:Variant.Zusy.641
  • VBA32: Malware-Cryptor.ImgChk
  • Malwarebytes: Malware.AI.3775605079
  • TrendMicro-HouseCall: TSPY_ZBOT.LEX
  • Rising: Trojan.Kryptik!8.8 (CLOUD)
  • Yandex: Trojan.Kryptik!w4mAbllv7aM
  • Ikarus: Trojan.Win32.Reveton
  • MaxSecure: Trojan.Malware.2588.susgen
  • Fortinet: W32/Kryptik.ABC!tr
  • AVG: Win32:Kryptik-HES [Trj]
  • Cybereason: malicious.308006
  • Panda: Generic Malware

How to remove Malware.AI.3775605079?

Malware.AI.3775605079 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.