How to remove “Malware.AI.3784363861”?

Malware.AI.3784363861 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3784363861 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.3784363861?


File Info:

name: 1409CF7A00F7F955EA96.mlw
path: /opt/CAPEv2/storage/binaries/38fc5831c93df644ef84c10170a01356be121586b7bdbb8440ebd871b15d100b
crc32: BEA236E1
md5: 1409cf7a00f7f955ea96d5333fb6e694
sha1: de577dc64b664833a1e8c7c37729528d7b8d10ae
sha256: 38fc5831c93df644ef84c10170a01356be121586b7bdbb8440ebd871b15d100b
sha512: e610e9e0dc6d209a185663be3be9dc340f0dc2f4f97d92eed4526112d2adf5568b1030a4d5f4d0d5eb99d05132e0c84ba7bd51611491b2530b49925af3380302
ssdeep: 49152:TX30aWb8raT4cPq+60PJFwWWXsgoaL4yPyJ4tXuhPF/sBJ0L8qFYifAJc46X:z30aWb8rakib60PJFw/XRoaL4yPy2tXm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T174852393A0438305F5B25A708DB168885CAFFC697C38392E291BEFD8F637E50A09575D
sha3_384: 12feaa2c916696ffd8abd0f33aca882748eaeed86e65d74003583b70ee4d6f38fe8fabf2608ea9ff3439163897d0f064
ep_bytes: 60be009049008dbe0080f6ff5783cdff
timestamp: 2012-08-14 20:35:33

Version Info:

Translation: 0x0804 0x04b0
CompanyName: 魔灵软件
FileDescription: 球球助手持续更新
ProductName: 全能助手永久更新
FileVersion: 1.00
ProductVersion: 1.00
InternalName: 球球全能助手
OriginalFilename: 球球全能助手.exe

Malware.AI.3784363861 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.VB.lQTU
MicroWorld-eScan: Gen:Variant.Babar.336093
FireEye: Generic.mg.1409cf7a00f7f955
Skyhigh: BehavesLike.Win32.Generic.tc
ALYac: Gen:Variant.Babar.336093
Malwarebytes: Malware.AI.3784363861
VIPRE: Gen:Variant.Babar.336093
Sangfor: Trojan.Win32.Agent.V9en
BitDefender: Gen:Variant.Babar.336093
Cybereason: malicious.64b664
Cynet: Malicious (score: 100)
APEX: Malicious
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Babar.336093 (B)
GData: Gen:Variant.Babar.336093
Varist: W32/ABRisk.EXVH-2805
Antiy-AVL: Trojan/Win32.PossibleThreat
Kingsoft: malware.kb.b.863
Arcabit: Trojan.Babar.D520DD
Google: Detected
MAX: malware (ai score=80)
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R023H09JJ23
Fortinet: W32/PossibleThreat
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.3784363861?

Malware.AI.3784363861 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
