Malware.AI.3789694992 malicious file

The Malware.AI.3789694992 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3789694992 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Malware.AI.3789694992?


File Info:
name: 6E2C06AE9CB714978384.mlw
path: /opt/CAPEv2/storage/binaries/009356aca16137da219e71e525492abb0665c788f567856de1731697d42b5132
crc32: 96FFF4E9
md5: 6e2c06ae9cb714978384a2b7982445a0
sha1: 29beb73fd4dab0de2dda5fd4092e286fa308ccd6
sha256: 009356aca16137da219e71e525492abb0665c788f567856de1731697d42b5132
sha512: 2a1eab7e52b87e8dd89e47bcc3dde9c95524b8efc2fa3d8a0cf0d97db9b76b8763cf62a8b924a70b5968f093d46f1cbdfe47c33af5cc13d58db7396d49a69e96
ssdeep: 12288:tMmaQNWM34JYqXYZ11XiGGI/P2NZxF7k3vHls0cGW3ahUTTT:tP7toJDYZfSVF7k/yrGAa+TT
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T147E402BD1EA14DF1E67E5A39E9033E085FF788395603D30F58A02179BA43BD629B1943
sha3_384: 2ed51993eae2d4d372b5626b817124fb3e2bd336d413aac670a58c7c8a5cc1571b709025e1041276149f929e33b72fec
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-04 01:59:02

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: netframework.exe
LegalCopyright:  
OriginalFilename: netframework.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.3789694992 also known as:

Lionic	Trojan.Win32.Malicious.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	IL:Trojan.MSILZilla.13153
FireEye	Generic.mg.6e2c06ae9cb71497
McAfee	Artemis!6E2C06AE9CB7
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0058b9bd1 )
Alibaba	Packed:MSIL/DarksProtector.83354f2b
K7GW	Trojan ( 0058b9bd1 )
Cybereason	malicious.fd4dab
Cyren	W32/S-3049d5f7!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Packed.DarksProtector.B suspicious
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender	IL:Trojan.MSILZilla.13153
Avast	Win32:Malware-gen
Ad-Aware	IL:Trojan.MSILZilla.13153
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Generic.bc
Emsisoft	IL:Trojan.MSILZilla.13153 (B)
GData	IL:Trojan.MSILZilla.13153
Avira	HEUR/AGEN.1235903
Antiy-AVL	Trojan/Generic.ASMalwS.35242AF
Gridinsoft	Ransom.Win32.Sabsik.sa
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Disco.gen
Microsoft	Trojan:Win32/AgentTesla!ml
AhnLab-V3	Trojan/Win.Generic.C4511865
BitDefenderTheta	Gen:NN.ZemsilF.34212.Rm1@aWbOIOj
ALYac	IL:Trojan.MSILZilla.13153
MAX	malware (ai score=87)
VBA32	CIL.HeapOverride.Heur
Malwarebytes	Malware.AI.3789694992
TrendMicro-HouseCall	TROJ_GEN.R002H09B522
Rising	Trojan.Generic/MSIL@AI.92 (RDM.MSIL:y2VW7GSujQvFoHScTExWpw)
Yandex	Riskware.DarksProtector!p9SKHQp+cQo
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/Application
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Malware.AI.3789694992?

Malware.AI.3789694992 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X