Malware.AI.3826550964 (file analysis)

The Malware.AI.3826550964 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3826550964 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.3826550964?


File Info:
name: 2A704BC214FDCE5A4C26.mlw
path: /opt/CAPEv2/storage/binaries/1e761625852794ea3ab42504be9ca72dbefa9fe99f9e91ad6477174420886b2e
crc32: 9B0D5F6C
md5: 2a704bc214fdce5a4c269ae3fa407267
sha1: 19fc6da8640ccc6833b4746d043623571297ed5e
sha256: 1e761625852794ea3ab42504be9ca72dbefa9fe99f9e91ad6477174420886b2e
sha512: 6eb65bf7453e3e8e21d663b81ad6f501d1f9a83eadceed96e818973fd4b086f4613ef1a863dc8877439c074d771b5ba46dfd94ca757370c7bcb3d5f9998483ce
ssdeep: 24576:fAwDcHDz8o3DaDSKbUfIaDRlCvsuGrhpP56:YwaEODfKbUgaDOEBjx6
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10225E01371E0B0B2D1B232F28E75E359DB39BD3055358A9757C83C1AAA70952EA39337
sha3_384: 4c7399c2fc5cf5f5c19c15fce77761ec80608c89975a5d5c752f05c3ab08ba0cba9d788fe40274a7e1a139ce79b43e72
ep_bytes: e806940000e989feffffcccccccccc55
timestamp: 2011-05-25 18:11:04

Version Info:
FileDescription: 
FileVersion: 3, 3, 7, 2
CompiledScript: AutoIt v3 Script: 3, 3, 7, 2
Translation: 0x0809 0x04b0

Malware.AI.3826550964 also known as:

Bkav	W32.AIDetectMalware
ClamAV	Win.Trojan.Autoit-180
FireEye	Generic.mg.2a704bc214fdce5a
Malwarebytes	Malware.AI.3826550964
CrowdStrike	win/malicious_confidence_100% (W)
Elastic	malicious (high confidence)
APEX	Malicious
McAfee-GW-Edition	BehavesLike.Win32.Ransomware.dc
Ikarus	Trojan.Win32
GData	Win32.Trojan.PSE.1XIEXAH
ViRobot	Trojan.Win32.A.Autoit.1100307
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
AhnLab-V3	Trojan/Win32.AutoIt.R9350
McAfee	Artemis!2A704BC214FD
VBA32	Trojan-Downloader.Autoit.gen
SentinelOne	Static AI – Suspicious PE
MaxSecure	Virus.W32.Pioneer.H
Fortinet	W32/PossibleThreat
Cybereason	malicious.8640cc
DeepInstinct	MALICIOUS

How to remove Malware.AI.3826550964?

Malware.AI.3826550964 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X