Malware.AI.3780104301 information

Malware.AI.3780104301 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3780104301 virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Malware.AI.3780104301?

File Info:

name: 791C293C34C4D8B09213.mlw
path: /opt/CAPEv2/storage/binaries/8ebd1db3eeaabb8bb20b142bd4b4d031b87b8ee486bc96e3a26472e947dc3e34
crc32: 34F5928F
md5: 791c293c34c4d8b09213e1139f7648e0
sha1: 884383bba1a59cbf8fcce18364bcc8299bb21b42
sha256: 8ebd1db3eeaabb8bb20b142bd4b4d031b87b8ee486bc96e3a26472e947dc3e34
sha512: d0e536f12328ede9bc713c802597d98dfe344370be59b10fdd158813e9adfedadc5b3f04972a554fae6ca65027b232147b992d601544861284a1c7c85d3dffbc
ssdeep: 1536:2t57r4ZYeBm0IX9/BaJBmPRDtrKOJXIEKCA1EDepLjSslhv/u:o7r4Znw0Ina6P6OJG1EKdjNlk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T140843AF28C886044E94AEFB85CEDECC7C42F6112565522E67E47C85734E2B8BE770476
sha3_384: eacd4a4231933d9eb5b97c3eac3b75ed7e873cf523ad7d3630d5360d2fd415cfd84669b36a1c9807ad10342fa5878d6e
ep_bytes: 8bda03f88bf981c236615879bb765900
timestamp: 2004-06-03 12:45:55

Version Info:

LegalCopyright: Copyright © Xytqi Software 2000-2010
CompanyName: FB SOFTWIN QOV
FileVersion: 337
OriginalFilename: Xytqi.exe
FileDescription: Xytqi Iuypfu Oaytcfoqg
InternalName: Xytqi
ProductName: Xytqi
ProductVersion: 8.10
mewVht: s3gNxPyv
To2CnNivaP: lEyqC
keFELQD: xjSOtxcUU
c2AFSL4den: Aak3MHn78
te5WsD1H2C: ppBSpE2U64
4sdrvY8: QxoO6WXbm1
uDXCRTIWF: 78N7YnsNK
RHCGBhcf: LMlTGbE2Mr
XG5dL: 6LMRB
umYSH1w73N: SVgpX4Gfl
Translation: 0x0409 0x04b0

Malware.AI.3780104301 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Razy.445558
FireEye: Generic.mg.791c293c34c4d8b0
Cylance: Unsafe
VIPRE: Gen:Variant.Razy.445558
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Spyware ( 0055e3db1 )
K7GW: Spyware ( 0055e3db1 )
CrowdStrike: win/malicious_confidence_70% (D)
BitDefenderTheta: Gen:NN.ZexaF.34592.yC2@a0mCNhpi
Cyren: W32/Trojan.GXIX-0584
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Spy.Agent.NVQ
APEX: Malicious
Kaspersky: Trojan.Win32.Oficla.mnw
BitDefender: Gen:Variant.Razy.445558
NANO-Antivirus: Trojan.Win32.Oficla.hoixbo
SUPERAntiSpyware: Trojan.Agent/Gen-Falint
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Razy.445558
Sophos: ML/PE-A
Zillya: Trojan.Agent.Win32.134962
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Razy.445558 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Razy.445558
Jiangmin: Trojan/Oficla.alt
Google: Detected
Avira: TR/Oficla.AF
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Generic.ASMalwS.359
Arcabit: Trojan.Razy.D6CC76
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.ZBot.C2448958
VBA32: Trojan.Oficla
ALYac: Gen:Variant.Razy.445558
Malwarebytes: Malware.AI.3780104301
Rising: Malware.FakeXLS/ICON!1.9C3D (CLASSIC)
Yandex: Trojan.Oficla!UgEzPVSdP9Y
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Yakes.B!tr
AVG: Win32:Trojan-gen

How to remove Malware.AI.3780104301?

Malware.AI.3780104301 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.