Should I remove “Malware.AI.3803548926”?

The Malware.AI.3803548926 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3803548926 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Malware.AI.3803548926?


File Info:
name: 9FBA73CC35E6C37D8DE4.mlw
path: /opt/CAPEv2/storage/binaries/e234e697207292dcf44e2cb4df0aefb28b7fccb54b8aa1f32efeadf2dc240eb8
crc32: 2BC2F65D
md5: 9fba73cc35e6c37d8de4270af715713c
sha1: 8ed79ce0cf11d6f1b7b39f527fcf3ef00c24cf3d
sha256: e234e697207292dcf44e2cb4df0aefb28b7fccb54b8aa1f32efeadf2dc240eb8
sha512: bf7d1857718526934f8a3d24a06e1d7a3169e8b592dbb5044a8af79b972fd5074b44c3d2d13b7e8e14810c953a504e17933afd0c3168659b75c353fe115a8a1e
ssdeep: 24576:NxV/LKZl5I9boqUF5KxChWKPmtRUxjVLB3ApK45acJHsv/9rH6UFXoLA7R:NxVDKGloqUF5KxCxPFQ1vo/9rxWLQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F85E1364B89A699C98F07F5D466C4707338EE023185E7C877E499AF34A67D783420BB
sha3_384: b50864dfc253ed3b288f8a853b41ffd8fd733d62a76e7d114920720d45da980a1b698e5870770416090475e92ec72d04
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-01-30 19:42:03

Version Info:
Translation: 0x0000 0x04b0
Comments: Microsoft (R) Contacts Import Tool
CompanyName: Microsoft Corporation
FileDescription: wabmig
FileVersion: 6.3.0.0
InternalName: wabmig.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: wabmig.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.3.0.0
Assembly Version: 6.3.0.0

Malware.AI.3803548926 also known as:

Lionic	Trojan.MSIL.Agensla.i!c
MicroWorld-eScan	Trojan.GenericKD.38854714
FireEye	Generic.mg.9fba73cc35e6c37d
McAfee	Artemis!9FBA73CC35E6
Cylance	Unsafe
Sangfor	Infostealer.MSIL.Agensla.gen
K7AntiVirus	Trojan ( 0058219b1 )
BitDefender	Trojan.GenericKD.38854714
K7GW	Trojan ( 0058219b1 )
Cyren	W32/MSIL_Kryptik.GNK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.ACRU
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-PSW.MSIL.Agensla.gen
Alibaba	Trojan:Win32/Kryptik.ali2000016
ViRobot	Trojan.Win32.S.Keylogger.1858560
Sophos	Mal/Generic-S
DrWeb	Trojan.DownLoader44.35840
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
Emsisoft	Trojan.GenericKD.38854714 (B)
Ikarus	Trojan.Inject
Avira	TR/Kryptik.tfvuh
MAX	malware (ai score=81)
Kingsoft	Win32.PSWTroj.Undef.(kcloud)
Microsoft	Trojan:MSIL/AgentTesla.JIX!MTB
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Agensla.gen
GData	MSIL.Trojan-Spy.Snake.404Z1Q
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4947471
BitDefenderTheta	Gen:NN.ZemsilF.34182.Xn0@amIrZ6p
ALYac	Trojan.GenericKD.38854714
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.3803548926
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002H0CB122
Tencent	Msil.Trojan-qqpass.Qqrob.Hyjy
Yandex	Trojan.Igent.bXo8Qz.104
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/Kryptik.ACRU!tr
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3803548926?

Malware.AI.3803548926 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X