
How to remove “Malware.AI.3822989204”?


Malware.AI.3822989204 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3822989204 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3822989204?


File Info:

name: D46688168CA9B9E32823.mlw
path: /opt/CAPEv2/storage/binaries/4cdcc6bd3aec03602cf3008afabb15215d49ec811e9feab930f494472a692fe3
crc32: E1027216
md5: d46688168ca9b9e32823ecc3ec61615c
sha1: 814fa94c0157ffada611da324f7f8705b3b232d9
sha256: 4cdcc6bd3aec03602cf3008afabb15215d49ec811e9feab930f494472a692fe3
sha512: bce4a3f409b5434a97c811e296e963e2f2271c9f84483f76b5887e13bc9147e2cbffe803e0382461d767fb74fb6040443a54c3d0b339398de6b4bdad14180581
ssdeep: 12288:q6Wq4aaE6KwyF5L0Y2D1PqLLMPqZDAGZZdsP6oS3Kk1:IthEVaPqLLMS6Sak1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B9B423ED76E8E604D46852B1E14226F2C0D07C2AD77DEB3BA2D83F17B477015AA6F604
sha3_384: 2324c6f9f1aca40144e3c6f6ddae1aa2f452853fef5a5ad4436fd569b35c93b0d0ec7e9eb38fb4cfc2cf10deb7ccf678
ep_bytes: 60be003047008dbe00e0f8ff57eb0b90
timestamp: 2012-01-29 21:32:28

Version Info:

FileDescription:
FileVersion: 3, 3, 8, 1
CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
Translation: 0x0809 0x04b0

Malware.AI.3822989204 also known as:

Bkav: W32.Common.8DB2AB52
Lionic: Trojan.Win32.AutoIt.4!c
Skyhigh: BehavesLike.Win32.Spyware.hc
McAfee: RDN/Generic.dx
Malwarebytes: Malware.AI.3822989204
Sangfor: Trojan.Win32.Autoit.Ve4r
Alibaba: Trojan:AutoIt/Injector.45784f41
CrowdStrike: win/grayware_confidence_70% (W)
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 99)
APEX: Malicious
Avast: AutoIt:Injector-CL [Trj]
F-Secure: Trojan.TR/AutoIt.41884563
SentinelOne: Static AI – Malicious PE
Avira: TR/AutoIt.41884563
Antiy-AVL: Trojan/Win32.Autoit
Kingsoft: Win32.Troj.Undef.a
Xcitium: Malware@#1hve0q0hvzfn9
AhnLab-V3: Malware/Win32.Generic.C3305386
VBA32: Trojan.Autoit.Paket
TrendMicro-HouseCall: TROJ_GEN.R002H06LI23
MaxSecure: Trojan.Autoit.AZA
AVG: AutoIt:Injector-CL [Trj]
Cybereason: malicious.c0157f
DeepInstinct: MALICIOUS

How to remove Malware.AI.3822989204?

Malware.AI.3822989204 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
