What is “Malware.AI.3818972437”?

Malware.AI.3818972437 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3818972437 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Creates RWX memory
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Attempts to remove evidence of file being downloaded from the Internet
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Appends a known CryptFile2 ransomware file extension to files that have been encrypted
  • Creates a known CryptFile2 ransomware decryption instruction / key file.
  • Anomalous binary characteristics

Related domains:


How to identify Malware.AI.3818972437?


File Info:

crc32: C2F4E6DD
md5: ac2e533fb739a99f497824e02347a66c
name: AC2E533FB739A99F497824E02347A66C.mlw
sha1: c09212a27abbf236434aae8aa18d99f9bdd03c51
sha256: 45980cbbe50c8a633ac6ca903614399e73078c2f37e9dd202b1d1cd41c0ca1f1
sha512: 71951b865da7a5196e093bc2985891bc0f14b2c9ff0ae4fffbf3695d13f86ccab0907f90872eb5bef45b65e7959da88576d03ecb321f5d8dedbc0aeca5b698d8
ssdeep: 1536:6bhPdYbPd5V05rilpPXvlMq12Kpuyjg1kFhqt:S5K05rilpPX6q2y8kFEt
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Malware.AI.3818972437 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 004f8b651 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader22.42626
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransomware.Tescrypt.WR5
ALYac: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi
Cylance: Unsafe
K7GW: Trojan ( 004f8b651 )
Cybereason: malicious.fb739a
Symantec: Ransom.CryptXXX!g18
ESET-NOD32: a variant of Win32/Kryptik.FGQU
APEX: Malicious
Avast: FileRepMalware
Kaspersky: Trojan.Win32.RegRun.zru
BitDefender: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi
NANO-Antivirus: Trojan.Win32.RegRun.egqkks
MicroWorld-eScan: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi
Tencent: Malware.Win32.Gencirc.11494c4b
Ad-Aware: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi
Sophos: ML/PE-A + Mal/Slenfbot-I
Comodo: Malware@#1h9jgsw6pdgmp
BitDefenderTheta: AI:Packer.13134B521F
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CRYPHYDRA.SMJ
McAfee-GW-Edition: Ransomware-FTM!AC2E533FB739
FireEye: Generic.mg.ac2e533fb739a99f
Emsisoft: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Regrun.ed
Avira: TR/Dropper.Gen8
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.1B53BD6
Microsoft: Ransom:Win32/Genasom
GData: Gen:Heur.Mint.Dreidel.eyW@x0JLlkdi
Acronis: suspicious
McAfee: Ransomware-FTM!AC2E533FB739
MAX: malware (ai score=100)
VBA32: BScope.TrojanRansom.Snocry
Malwarebytes: Malware.AI.3818972437
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_CRYPHYDRA.SMJ
Rising: Trojan.Generic@ML.100 (RDML:0xUqTo+RR8Bn7R5de3fm/Q)
Yandex: Trojan.GenAsa!UJxjLWoJgf4
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Kryptik.FHAQ!tr
AVG: FileRepMalware
Paloalto: generic.ml

How to remove Malware.AI.3818972437?

Malware.AI.3818972437 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.