What is “Malware.AI.380937906”?

Malware.AI.380937906 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.380937906 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

How to identify Malware.AI.380937906?

File Info:

crc32: C472FD08
md5: 73805c63d0fe5f7bc6ca56e2d4918860
name: 73805C63D0FE5F7BC6CA56E2D4918860.mlw
sha1: f2717fcbb3243a62e62a1e55d07fd8c4ddb55092
sha256: 1e6a686f96ec0d67b66741859b0451ce5129d3554a0581fcdb0a8c1ef1eaf0ea
sha512: 8fac0c0493b4006155c2ab983d052b5f5399af4d54dd3acd3425f6cf7e94ff50133983184ea43cfdc00149f3d10ee1d0af53a7bebbbdcd26e9d6f6bdc6a58fe1
ssdeep: 12288:Fe44ZkCmU3pIPS8pIUrJUe6hiJmJE7l+3kKHyUTsYndOsO:cnHmsoSUIUrJUemAm73dQYngt
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: GIV Rra NOv- TWIE zeelaI
InternalName: Dendrachate4
FileVersion: 1.00
CompanyName: GOLAHA jera MTr:
Comments: GOs
ProductName: Vtellie IndarmaTOOL GYSTema nTO
ProductVersion: 1.00
OriginalFilename: Dendrachate4.exe

Malware.AI.380937906 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 00530a061 )
Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Tool.PassView.1875
Cynet: Malicious (score: 100)
ALYac: Gen:Heur.PonyStealer.Ym0@dCvBReji
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.601858
Sangfor: Trojan.Win32.GenericKD.3
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: Trojan:Win32/VBKrypt.d46c023a
K7GW: Trojan ( 00530a061 )
Cybereason: malicious.3d0fe5
Cyren: W32/VBKrypt.J.gen!Eldorado
Symantec: Downloader.Ponik
ESET-NOD32: a variant of Win32/Injector.DXXG
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Packed.Ponystealer-7783924-0
Kaspersky: Trojan.Win32.VBKrypt.zlcg
BitDefender: Gen:Heur.PonyStealer.Ym0@dCvBReji
NANO-Antivirus: Trojan.Win32.VBKrypt.fbqqhs
MicroWorld-eScan: Gen:Heur.PonyStealer.Ym0@dCvBReji
Tencent: Malware.Win32.Gencirc.10b782b9
Ad-Aware: Gen:Heur.PonyStealer.Ym0@dCvBReji
Sophos: Mal/Generic-R + Mal/FareitVB-L
Comodo: Malware@#230ubwagemhiy
BitDefenderTheta: Gen:NN.ZevbaF.34266.Ym0@aCvBReji
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TSPY_HPLOKI.SMVBMP0
McAfee-GW-Edition: BehavesLike.Win32.Fareit.cc
FireEye: Generic.mg.73805c63d0fe5f7b
Emsisoft: Trojan.Injector (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.VBKrypt.dcfp
Webroot: W32.Trojan.GenKD
Avira: HEUR/AGEN.1121803
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.261259E
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Arcabit: Trojan.PonyStealer.ED17E14
GData: Gen:Heur.PonyStealer.Ym0@dCvBReji
TACHYON: Trojan/W32.VBKrypt.831488
AhnLab-V3: Trojan/Win32.Fareit.R227716
McAfee: Fareit-FKM!73805C63D0FE
VBA32: Trojan.VBKrypt
Malwarebytes: Malware.AI.380937906
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TSPY_HPLOKI.SMVBMP0
Yandex: Trojan.GenAsa!/Fi3+4L69aM
Ikarus: Trojan.VB.Crypt
Fortinet: W32/VBKryptik.DZKQ!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Malware.AI.380937906?

Malware.AI.380937906 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
