Malware.AI.3783337394 removal guide

Malware.AI.3783337394 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3783337394 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Chinese (Traditional)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Malware.AI.3783337394?

File Info:

name: 992061D735432E1A3DEB.mlw
path: /opt/CAPEv2/storage/binaries/e4a2307414cc176c317f9d43f5a87fab1c1050a362b414c8adad42530168f197
crc32: A70B4ABB
md5: 992061d735432e1a3deb2332ed3ccf49
sha1: 4e8adbe5ec72609512c7662ae3e61ef14ed3dbd3
sha256: e4a2307414cc176c317f9d43f5a87fab1c1050a362b414c8adad42530168f197
sha512: 6a8b7ed5f271030240c7b504fb84643e44f9c49518432b89ee4fd29578debbe3a48e2314cab452e86a814465dca023e4dd8bf3249798b6d252017cd63e2e605c
ssdeep: 1536:74nB/1YvYAwrm/+4vVSVyY4u42Cer/0Kel3jw:7819mLE/0KW3E
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C8C37BD0A624E896D226C8357723F641CEE5BCA0CF16D54BB081FE795B3F2C02B1965B
sha3_384: c6a62dd5922cefee5ea16019d4aca122118b9216e8ada13097c75a451e0da6e5e9551b1e2726751b50fd20a8a799e3bd
ep_bytes: 68bc3d4000e8f0ffffff000000000000
timestamp: 2017-04-13 14:21:51

Version Info:

Translation: 0x0404 0x04b0
Comments: CloudPay
CompanyName: CloudPay
FileDescription: CloudPay
LegalCopyright: CloudPay
LegalTrademarks: CloudPay
ProductName: CloudPay
FileVersion: 1.00
ProductVersion: 1.00
InternalName: arbejdsgru
OriginalFilename: arbejdsgru.exe

Malware.AI.3783337394 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38095190
FireEye: Generic.mg.992061d735432e1a
McAfee: RDN/Generic Downloader.x
Cylance: Unsafe
Zillya: Trojan.Shelsy.Win32.17
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058accd1 )
Alibaba: TrojanDownloader:Win32/Shelsy.c79eea20
K7GW: Trojan ( 0058accd1 )
Cybereason: malicious.5ec726
BitDefenderTheta: Gen:NN.ZevbaF.34084.hm0@aO71x8jj
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Agent.FCS
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Shelsy.by
BitDefender: Trojan.GenericKD.38095190
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.GenericKD.38095190
Sophos: Mal/Generic-R + Troj/DwnLd-TX
TrendMicro: TrojanSpy.Win32.NOON.UHBAZCLQO
McAfee-GW-Edition: RDN/Generic Downloader.x
Emsisoft: Trojan.GenericKD.38095190 (B)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.25124.susgen
Avira: HEUR/AGEN.1121320
MAX: malware (ai score=83)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Script/Phonzy.A!ml
ViRobot: Trojan.Win32.Z.Shelsy.118784
GData: Trojan.GenericKD.38095190
VBA32: TScope.Trojan.VB
ALYac: Trojan.GenericKD.38095190
Malwarebytes: Malware.AI.3783337394
TrendMicro-HouseCall: TrojanSpy.Win32.NOON.UHBAZCLQO
Yandex: Trojan.Shelsy!qEgNCBqkcpU
Ikarus: Trojan.Win32.Injector
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/PossibleThreat
Webroot: W32.Trojan.Dropper
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.3783337394?

Malware.AI.3783337394 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.