Malware.AI.3807736610 removal guide

Malware.AI.3807736610 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3807736610 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (inter-process)
  • A potential decoy document was displayed to the user
  • Created a process from a suspicious location

How to identify Malware.AI.3807736610?

File Info:

name: B9C0BCD72AFC53796421.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-01-24 07:31:18

Version Info:

0: [No Data]

Malware.AI.3807736610 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.MSIL.Dnoper.4!c
DrWeb: Trojan.InjectNET.14
MicroWorld-eScan: Gen:Variant.Fugrafa.223728
FireEye: Generic.mg.b9c0bcd72afc5379
McAfee: Artemis!B9C0BCD72AFC
Cylance: Unsafe
Sangfor: Trojan.MSIL.Dnoper.bgm
K7AntiVirus: Trojan ( 0056e5201 )
Alibaba: TrojanPSW:Win32/Reconyc.0dcca7ff
K7GW: Trojan ( 0056e5201 )
BitDefenderTheta: Gen:NN.ZevbaCO.34182.gm0@aiG@3@G
VirIT: Trojan.Win32.Genus.IHW
Cyren: W64/Agent.DYN.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: multiple detections
TrendMicro-HouseCall: TROJ_GEN.R002C0RB122
Paloalto: generic.ml
Kaspersky: Trojan.Win64.Donut.jas
BitDefender: Gen:Variant.Fugrafa.223728
NANO-Antivirus: Trojan.Win32.Reconyc.jjefex
Tencent: Win64.Trojan.Donut.Pijo
Ad-Aware: Gen:Variant.Fugrafa.223728
Emsisoft: Gen:Variant.Fugrafa.223728 (B)
TrendMicro: TROJ_GEN.R002C0RB122
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
Sophos: Mal/Generic-R
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Fugrafa.223728
Avira: TR/Agent.glhgv
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Generic.ASMalwS.350E419
Arcabit: Trojan.Fugrafa.D369F0
ZoneAlarm: Trojan.Win64.Donut.jas
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
VBA32: BScope.Trojan.Meterpreter
Malwarebytes: Malware.AI.3807736610
Panda: Trj/CI.A
APEX: Malicious
Rising: Trojan.Dnoper!8.10CB3 (CLOUD)
Fortinet: W32/NDAoF
AVG: Win64:Evo-gen [Susp]
Cybereason: malicious.72afc5
Avast: Win64:Evo-gen [Susp]

How to remove Malware.AI.3807736610?

Malware.AI.3807736610 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.