Malware.AI.3842494964 (file analysis)

Malware.AI.3842494964 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3842494964 virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk

How to identify Malware.AI.3842494964?

File Info:

name: B7A5002B6608D7EE3E6F.mlw
path: /opt/CAPEv2/storage/binaries/25a6d27e7b51b41c465ee774ba272c33df742d506649287de746759b292e6d13
crc32: 22644012
md5: b7a5002b6608d7ee3e6fdcb4da90ff6e
sha1: c91fcba787f7d28f7b4b95a56e3e706e34565dc9
sha256: 25a6d27e7b51b41c465ee774ba272c33df742d506649287de746759b292e6d13
sha512: 65788851cc2e17737ed6f650b1a2d34048275574e88aa38a1c279c16bca86912e6825c05be27180a825c9a90a58697b6f3c37545d5a9804ca9ef8555d8e23d45
ssdeep: 3072:+KFfHgTWmCRkGbKGLeNTBfb9rAMGIuXO9j:15aWbksiNTBTyMGIuXq
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T153242A427B828FA3DC7306B90061D9B953269E585B20D6978FF4FD33B6B2F821DB4191
sha3_384: 6efe3346c913b21c43b4b79ea6683278bfe8a7ab2466ae1fba769d4e591941a484fd0e147e06fd2879456c58f21bd5ca
ep_bytes: 68ac00000068000000006868804100e8
timestamp: 2018-02-01 20:18:05

Version Info:

FileVersion: 1.0.0
ProductVersion: 1.0.0
ProductName: Hard Edition - Launcher
Translation: 0x0000 0x04e4

Malware.AI.3842494964 also known as:

Bkav: W32.Common.042C7A66
Lionic: Trojan.Win32.Generic.4!c
FireEye: Generic.mg.b7a5002b6608d7ee
Skyhigh: BehavesLike.Win32.RealProtect.dm
McAfee: RDN/Generic.dx
Malwarebytes: Malware.AI.3842494964
Sangfor: Trojan.Win32.Save.a
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
Rising: Trojan.Generic@AI.100 (RDML:kUI+IF5OxD+ZC2hFnRjvNw)
Sophos: Generic ML PUA (PUA)
Trapmine: malicious.moderate.ml.score
Kingsoft: malware.kb.a.950
AhnLab-V3: Malware/Win.Generic.C5309052
BitDefenderTheta: Gen:NN.ZexaF.36792.nu0@aSaNwfo
DeepInstinct: MALICIOUS
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06F423
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.3411146.susgen
Fortinet: W32/PossibleThreat
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.3842494964?

Malware.AI.3842494964 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
