Malware

Malware.AI.3819402717 malicious file

Malware Removal

Malware.AI.3819402717 is a Malwarebytes detection name for a file that many antivirus engines flag as malicious. While the infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3819402717 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3819402717?

File Info:

name: 997EEACC064FF8A23CE8.mlw
path: /opt/CAPEv2/storage/binaries/8589f8a70485f82a74e79e275f0e134a8277a8aa34f4fb4b5308b610b40365e7
crc32: DBF35A3F
md5: 997eeacc064ff8a23ce857d2b46d0ae2
sha1: ca95dc2a00a0bf9e82f32ed016dbcded89b56834
sha256: 8589f8a70485f82a74e79e275f0e134a8277a8aa34f4fb4b5308b610b40365e7
sha512: 01e979cbdcca221a23ce23059262cca6cee65f2f24ae224c41c6d1062fa6092dcead5bb8d2003cda40b5cc4f17bfd168351c667c7a14189f159df2b52be81320
ssdeep: 98304:JghLoXtsEAgZBjWfO9d2uoy4uND2kTYbYz7nvlszU5yYf:+e9UgDjWOd2cbD2kTYbYHnvlsY5df
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DCF52342F9C285B1D1A11D325265D99516387E201F28CFF7A3E82A0EDA740F0B775B7B
sha3_384: 216add538e19a508acc5884d1e8a06dd10878eb5780a4e667dcefddb6ebdd1b0fd146e2647ff770a4b9bca8eaa74483f
ep_bytes: e864040000e988feffff3b0d68e64300
timestamp: 2021-06-11 09:16:47
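The File Info block and the behaviour list above can be cross-checked with a few lines of static triage: compare a file's hashes against the published md5/sha1/sha256, read the compile timestamp and section names out of the PE header (a section name no mainstream linker emits is what the "unknown PE section name indicative of packing" heuristic keys on), measure any overlay appended after the last section's raw data, and decode the two instructions in ep_bytes (E8 is call rel32, E9 is jmp rel32; a call followed immediately by a jmp is the usual shape of a VC++ CRT entry stub). This is an added example, not code from GridinSoft or CAPE. KNOWN_SECTIONS is an assumption about which names count as standard, and the PE image the demo analyses is constructed inline, not the real sample.

```python
"""Static triage of a PE sample against the File Info above.

Added example, not GridinSoft's or CAPE's own code. Only the standard
library is used, and the PE image analysed by the demo is constructed
inline, so nothing here touches the real 8589f8a7... file.
"""
import hashlib
import struct
from datetime import datetime, timezone

# Hashes copied from the File Info block; used as a small IOC set.
IOCS = {
    "md5": "997eeacc064ff8a23ce857d2b46d0ae2",
    "sha1": "ca95dc2a00a0bf9e82f32ed016dbcded89b56834",
    "sha256": "8589f8a70485f82a74e79e275f0e134a8277a8aa34f4fb4b5308b610b40365e7",
}

# Section names mainstream linkers emit (assumption: anything else is
# "unknown", which is how the packing heuristic in the behaviour list reads).
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                  ".reloc", ".bss", ".tls", ".pdata", ".CRT", ".gfids"}

# Unix time of the page's compile timestamp, 2021-06-11 09:16:47 UTC.
SAMPLE_STAMP = 1623403007


def file_digests(data: bytes) -> dict:
    """md5/sha1/sha256 of the given bytes, keyed like IOCS."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOCS}


def ioc_matches(digests: dict) -> list:
    """Algorithms whose digest equals the published value."""
    return sorted(a for a, h in digests.items() if IOCS.get(a) == h.lower())


def decode_entry_stub(ep_hex: str) -> list:
    """Decode leading E8 (call rel32) / E9 (jmp rel32) instructions as
    (mnemonic, signed displacement); stops at the first other opcode."""
    buf, out, i = bytes.fromhex(ep_hex), [], 0
    while i + 5 <= len(buf) and buf[i] in (0xE8, 0xE9):
        out.append(("call" if buf[i] == 0xE8 else "jmp",
                    struct.unpack_from("<i", buf, i + 1)[0]))
        i += 5
    return out


def triage_pe(data: bytes) -> dict:
    """Compile timestamp, section names, non-standard names and overlay size."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    _machine, nsec, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    sec_off = coff + 20 + opt_size
    names, end_of_data = [], 0
    for i in range(nsec):
        hdr = struct.unpack_from("<8sIIIIIIHHI", data, sec_off + 40 * i)
        names.append(hdr[0].rstrip(b"\0").decode("ascii", "replace"))
        end_of_data = max(end_of_data, hdr[4] + hdr[3])  # PointerToRawData + SizeOfRawData
    return {
        "timestamp": datetime.fromtimestamp(stamp, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": names,
        "unknown_sections": [n for n in names if n not in KNOWN_SECTIONS],
        "overlay_bytes": max(0, len(data) - end_of_data),  # bytes past the last section
    }


def build_sample_pe(section_names, stamp, overlay=b"") -> bytes:
    """Constructed minimal PE32 image for the demo (not a real binary)."""
    e_lfanew, opt_size, nsec = 0x40, 0xE0, len(section_names)
    img = bytearray(b"MZ" + b"\0" * (e_lfanew - 2))
    struct.pack_into("<I", img, 0x3C, e_lfanew)
    img += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, nsec, stamp, 0, 0, opt_size, 0x102)
    img += b"\0" * opt_size
    ptr = e_lfanew + 4 + 20 + opt_size + 40 * nsec  # first byte after the headers
    for idx, name in enumerate(section_names):
        img += struct.pack("<8sIIIIIIHHI", name.encode(), 0x1000, 0x1000 * (idx + 1),
                           0x200, ptr, 0, 0, 0, 0, 0x60000020)
        ptr += 0x200
    return bytes(img + b"\0" * (0x200 * nsec) + overlay)


if __name__ == "__main__":
    sample = build_sample_pe([".text", ".rdata", ".data", "UPX1"], SAMPLE_STAMP, b"\xCC" * 64)
    print(triage_pe(sample))
    print(ioc_matches(file_digests(sample)))   # empty: the constructed image is not the sample
    print(decode_entry_stub("e864040000e988feffff3b0d68e64300"))
```

To run it against a real file, pass `open(path, "rb").read()` to `triage_pe` and `file_digests`; a hit in `ioc_matches` is an exact match for the sample listed above, while a non-empty `unknown_sections` or a large `overlay_bytes` only reproduces the heuristics and needs a sandbox run to confirm.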

Version Info:

0: [No Data]

Malware.AI.3819402717 also known as:

  • Bkav: W32.AIDetect.malware1
  • MicroWorld-eScan: Trojan.Rasftuby.Gen.14
  • FireEye: Generic.mg.997eeacc064ff8a2
  • BitDefender: Trojan.Rasftuby.Gen.14
  • Elastic: malicious (high confidence)
  • Cynet: Malicious (score: 100)
  • APEX: Malicious
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • Sophos: Generic ML PUA (PUA)
  • VIPRE: Trojan.Rasftuby.Gen.14
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
  • Emsisoft: Trojan.Rasftuby.Gen.14 (B)
  • SentinelOne: Static AI – Malicious SFX
  • GData: Trojan.Rasftuby.Gen.14
  • Arcabit: Trojan.Rasftuby.Gen.14
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • Acronis: suspicious
  • ALYac: Trojan.Rasftuby.Gen.14
  • MAX: malware (ai score=83)
  • Malwarebytes: Malware.AI.3819402717
  • Cybereason: malicious.c064ff

How to remove Malware.AI.3819402717?

Malware.AI.3819402717 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a "Standard scan".
  • "Move to quarantine" all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the affected browser and the desired options, then click "Reset".
  • Restart your computer.
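The scan steps above cover the infected PC, but the behaviour list says the sample creates an autorun.inf file, which is how njRat-style droppers seed removable drives. A practitioner cleaning up would therefore also read the root of every fixed and removable drive for an autorun.inf, pull out the programs it launches (open=, shellexecute= and shell\<verb>\command= entries) and hash them against the sha256 given above. The following parser and check are an added example, not GridinSoft's code, and they go beyond the page's own steps; the autorun.inf text and the drive contents are constructed inline rather than taken from the real sample.

```python
"""Check an autorun.inf for launch entries and hash what it points at.

Added example, not GridinSoft's code. The autorun.inf text and the files it
references are constructed inline; on a real host, read them from the root
of each fixed and removable drive.
"""
import hashlib

# sha256 from the File Info block, the IOC to compare against.
SAMPLE_SHA256 = "8589f8a70485f82a74e79e275f0e134a8277a8aa34f4fb4b5308b610b40365e7"


def parse_autorun(text: str) -> dict:
    """Key/value pairs of the [autorun] section, keys lower-cased."""
    entries, in_autorun = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
        elif in_autorun and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def _program(cmd: str) -> str:
    """Executable part of a command line, honouring a quoted first token."""
    if cmd.startswith('"') and cmd.find('"', 1) > 0:
        return cmd[1:cmd.find('"', 1)]
    return cmd.split()[0] if cmd.split() else ""


def launch_targets(entries: dict) -> list:
    """Programs the file would start: open=, shellexecute=, shell\\<verb>\\command=."""
    out = []
    for key, value in entries.items():
        if key in ("open", "shellexecute") or (key.startswith("shell\\") and key.endswith("\\command")):
            out.append(_program(value))
    return out


def triage_autorun(text: str, drive_files: dict) -> list:
    """(target, sha256 or None if the file is absent, matches_ioc) per launch target.

    drive_files maps a lower-cased path relative to the drive root to its bytes;
    it is a dict here, a real run would read the drive."""
    results = []
    for target in launch_targets(parse_autorun(text)):
        rel = target[2:] if target.startswith(".\\") else target
        data = drive_files.get(rel.lower())
        digest = hashlib.sha256(data).hexdigest() if data is not None else None
        results.append((target, digest, digest == SAMPLE_SHA256))
    return results


# Constructed sample of what a seeded removable drive might carry.
SAMPLE_AUTORUN = """[autorun]
; constructed example, not a capture from the real sample
open=svchost.exe
icon=svchost.exe,0
shell\\open\\command=".\\Recycler\\update.exe" /silent
shell\\open=Open
"""

SAMPLE_DRIVE = {
    "svchost.exe": b"MZ-constructed-dropper-1",
    "recycler\\update.exe": b"MZ-constructed-dropper-2",
}

if __name__ == "__main__":
    for row in triage_autorun(SAMPLE_AUTORUN, SAMPLE_DRIVE):
        print(row)
```

A launch target that is missing from the drive (digest None) is still worth noting: it means the autorun.inf was written but its payload was already removed or never copied, and the file itself should be deleted along with any hidden copies in folders like Recycler.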

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
