Malware.AI.3795841452 (file analysis)

The Malware.AI.3795841452 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3795841452 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Malware.AI.3795841452?


File Info:
name: 09521946BFE3A3D8A78B.mlw
path: /opt/CAPEv2/storage/binaries/0a7898874988f5b0a304ca1dbd28612c2a194e274fc884ecd553ea9e880da81f
crc32: 3D219C63
md5: 09521946bfe3a3d8a78b032ceb93b32a
sha1: 7e4070b79ff0fea2a60ad0e7f8bdc81e14c002d8
sha256: 0a7898874988f5b0a304ca1dbd28612c2a194e274fc884ecd553ea9e880da81f
sha512: e48060159acc094d593348068d1cdc560b085552c0ef14375e126ecf019e1212174df324647b6226cfeaaeb2bb1dab2c5ea10df790ace67c9b058580106f5548
ssdeep: 768:4F8aKG3yuraHk4XDE1/4ztMtWleUq6Y1+ZZ8yBr9a3hAZ/J18pq:tGCD8CoL+ZZ8gr9a3KZ/Jepq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T140033A469F5B75E0D52F35BB7F2120F0F2979940A1948B29E988A83DBE4E21050E7BF4
sha3_384: e8263b6e03299fab166318d354cee555d6c6ca4d18934d12188638974b96ae1ee1af8f38eb0f1673dd09eb10cdfe52ac
ep_bytes: ff250020400000000000000000000000
timestamp: 2062-06-03 08:42:20

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 
FileVersion: 1.0.0.0
InternalName: sg1.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: sg1.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3795841452 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.82645
ALYac	Gen:Variant.Lazy.82645
Cylance	Unsafe
Zillya	Trojan.Discord.Win32.6950
BitDefender	Gen:Variant.Lazy.82645
Cybereason	malicious.79ff0f
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/PSW.Discord.AFJ
APEX	Malicious
Emsisoft	Gen:Variant.Lazy.82645 (B)
Comodo	TrojWare.MSIL.Injector.AK@6i5hk2
FireEye	Generic.mg.09521946bfe3a3d8
SentinelOne	Static AI – Suspicious PE
Avira	HEUR/AGEN.1143431
MAX	malware (ai score=87)
Antiy-AVL	Trojan/Generic.ASMalwS.351B574
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.Lazy.82645
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.C4883156
McAfee	GenericRXRP-QT!09521946BFE3
Malwarebytes	Malware.AI.3795841452
Yandex	Trojan.PWS.Discord!W3jgVctf9iM
BitDefenderTheta	Gen:NN.ZemsilF.34182.cm0@a0A8PVm
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_70% (D)
MaxSecure	Trojan.Malware.300983.susgen

How to remove Malware.AI.3795841452?

Malware.AI.3795841452 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X