
Malware.AI.3776872938 removal guide


Malware.AI.3776872938 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3776872938 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Collects information to fingerprint the system

Related domains:

wpad.local-net

How to identify Malware.AI.3776872938?


File Info:

name: A606A6DEECBDEC1F5E2B.mlw
path: /opt/CAPEv2/storage/binaries/d71fa4fd82c007b86b019fe1bcaef51397cdbbcc3b2b3bd41959572362d1b2be
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-06-04 19:25:13

Version Info:

Comments: Duedate Encoded Announces
OriginalFilename: ProtocolWriteable
InternalName: ProtocolWriteable
CompanyName: Didi Chuxing
FileDescription: Duedate Encoded Announces
LegalTrademarks: (C)Didi Chuxing 2007-2015
LegalCopyright: (C)Didi Chuxing 2007-2015
FileVersion: 7.3.4.7
PrivateBuild: 7.3.4.7
ProductName: ProtocolWriteable
ProductVersion: 7.3.4.7
Translation: 0x0409 0x04b0

Malware.AI.3776872938 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.23023626
FireEye: Generic.mg.a606a6deecbdec1f
McAfee: Generic.dup
Cylance: Unsafe
Sangfor: Trojan.Win32.Generic.2
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Kryptik.d73da516
K7GW: Trojan ( 00533c9f1 )
K7AntiVirus: Trojan ( 00533c9f1 )
BitDefenderTheta: Gen:NN.ZexaF.34294.Gq0@aSr86Rbi
Symantec: Trojan Horse
ESET-NOD32: a variant of Win32/Kryptik.GIQW
TrendMicro-HouseCall: TROJ_GEN.R002C0PIO21
Paloalto: generic.ml
ClamAV: Win.Packer.MalwareCrypter-6620810-1
BitDefender: Trojan.Generic.23023626
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.Ljtm
Ad-Aware: Trojan.Generic.23023626
Emsisoft: Trojan.Generic.23023626 (B)
Comodo: Malware@#eyc7imzvngc6
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PIO21
McAfee-GW-Edition: Generic.dup
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1129571
MAX: malware (ai score=89)
Microsoft: Trojan:Win32/Occamy.CD7
GData: Trojan.Generic.23023626
Cynet: Malicious (score: 100)
Acronis: suspicious
VBA32: BScope.TrojanSpy.Zbot
ALYac: Trojan.Generic.23023626
Malwarebytes: Malware.AI.3776872938
APEX: Malicious
Yandex: Trojan.GenKryptik!akd/zK9pHoI
Ikarus: Trojan.Win32.Krypt
Fortinet: W32/GenKryptik.CBSD!tr
AVG: Win32:Malware-gen
Cybereason: malicious.eecbde
Panda: Trj/CI.A

How to remove Malware.AI.3776872938?

Malware.AI.3776872938 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
