Should I remove “Malware.AI.3849037254”?

Malware.AI.3849037254 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3849037254 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify Malware.AI.3849037254?


File Info:

name: F0A1B5F055108AA6EF8D.mlw
path: /opt/CAPEv2/storage/binaries/de79932bb83b866abbf1340393807a8f4da15b85dff0a00e2ddec948cd7fc054
crc32: 925A1FC4
md5: f0a1b5f055108aa6ef8d1b877863224b
sha1: 224800b08608717a793841e22fe6a55b4ab5c196
sha256: de79932bb83b866abbf1340393807a8f4da15b85dff0a00e2ddec948cd7fc054
sha512: ec140e3df7f07f8dc1c3d11631dd1f94a75d51e70ed3866876fd182c3f785e0dbbd7df9f26696524224d1688259495d576b898b82785ecc11d8414c1938a8b66
ssdeep: 24576:9AHnh+eWsN3skA4RV1Hom2KXMmHaIpW5:ch+ZkldoPK8YaIy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2058B0273D6D036FFAB92739B6AB20196BD79250133852F13981DB9BD701B1273E663
sha3_384: 72d6847a1220bededb5895bf61526d509b03da4753ecdfbc69b9a3514df21c836d111ceaa18a314649d8926601e824b0
ep_bytes: e8c8d00000e97ffeffffcccccccccccc
timestamp: 2021-12-31 02:36:39

Version Info:

Comments: NAgZfJ
CompanyName: eXDWNVJoALrIJcMewjJKyMYRKZU
FileDescription: DNIcbm
FileVersion: 75.27.90.68
InternalName: StVFbqteDcn
LegalCopyright: cAIQVrtZA
LegalTrademarks: IkvdtrJuZVtEU
ProductName: sxMYW
ProductVersion: 56.84.92.82
Translation: 0x0809 0x04b0

Malware.AI.3849037254 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Strictor.188722
FireEye: Gen:Variant.Strictor.188722
McAfee: Artemis!F0A1B5F05510
K7AntiVirus: Trojan ( 0056a9891 )
K7GW: Trojan ( 0056a9891 )
Cybereason: malicious.055108
Arcabit: Trojan.Strictor.D2E132
Cyren: W32/AutoIt.SR.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Autoit.OHY
APEX: Malicious
Kaspersky: UDS:Trojan.Script.Generic
BitDefender: Gen:Variant.Strictor.188722
Avast: AutoIt:Runner-BH [Trj]
Ad-Aware: Gen:Variant.Strictor.188722
Emsisoft: Gen:Variant.Strictor.188722 (B)
Comodo: Malware@#3muyb71dzr1ag
TrendMicro: Trojan.AutoIt.OTORUN.SM
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
Sophos: Troj/Autoit-DCS
Avira: WORM/FakeExt.Gen8
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Strictor.188722
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.R454085
ALYac: Gen:Variant.Strictor.188722
MAX: malware (ai score=87)
Malwarebytes: Malware.AI.3849037254
TrendMicro-HouseCall: Trojan.AutoIt.OTORUN.SM
Rising: Trojan.Runner/Autoit!1.C11B (CLASSIC)
Ikarus: Trojan.Win32.Autoit
Fortinet: W32/Autoit.OHL!tr
AVG: AutoIt:Runner-BH [Trj]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Malware.AI.3849037254?

Malware.AI.3849037254 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
