Malware.AI.3851625662 removal tips

Malware.AI.3851625662 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3851625662 virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Harvests cookies for information gathering
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.3851625662?


File Info:

name: AE1A68AFDBEFFC77EA8B.mlw
path: /opt/CAPEv2/storage/binaries/78e7605e66aca7decfbf3e332b9e8d51ca973bc056169f6cf87085778a2c2b11
crc32: ADB22E43
md5: ae1a68afdbeffc77ea8b52916ab837cf
sha1: 20da3a2f251d8109b6f1cbdd8fe8e467e4c7c9d3
sha256: 78e7605e66aca7decfbf3e332b9e8d51ca973bc056169f6cf87085778a2c2b11
sha512: 13689c9c4a166c977959df90b19769140fc30e438444f7a5b33e8d1d72676eeba02e806896c82630097e5db6eda47010bcefc69ffb2da85db4903e710d93091a
ssdeep: 6144:nBaZcscUmWsbeQulvjNQIpI1Z2/TeIUSVf37aG1vNpfuaMjXjn+uZXIPP7:nazINbTII2/TeIvVf3R+B+Xn7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14BF4F63DAA704C3FC052053BF995DA3F152BAEA1C9228CD52790790FC9F5E601593EAB
sha3_384: 94a6c209afea5474d278b56545bd364123a26e73ec92a9a781e39d1bbcfab786829e560817bbb6804ad52a476ca63d5b
ep_bytes: 558bec83c4e053565733c08945e08945
timestamp: 2021-04-07 18:55:10

Version Info:

CompanyName: Samsung C&T
FileDescription:
FileVersion: 22.03.17.01
InternalName:
LegalCopyright: Samsung C&T
LegalTrademarks:
OriginalFilename:
ProductName: Extend PC Security 22.03.17
ProductVersion: 22.03.17.01
Comments: 32bit
Translation: 0x0409 0x04e4

Malware.AI.3851625662 also known as:

Lionic: Trojan.Win32.DiskWriter.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Generic.31456898
ClamAV: Win.Malware.Diskwriter-9961770-0
McAfee: RDN/Generic.hra
Cylance: unsafe
Zillya: Trojan.DiskWriter.Win32.1923
Sangfor: Trojan.Win32.Diskwriter.V9u4
Alibaba: Trojan:Win32/DiskWriter.c79e2b0b
Cyren: W32/ABRisk.OXTT-2200
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.IDPUKV
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.Win32.DiskWriter.gen
BitDefender: Trojan.Generic.31456898
NANO-Antivirus: Trojan.Win32.DiskWriter.jpcmak
Avast: Win32:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11892703
Emsisoft: Trojan.Generic.31456898 (B)
F-Secure: Trojan.TR/DiskWriter.enmvc
DrWeb: Trojan.Siggen17.26522
VIPRE: Trojan.Generic.31456898
McAfee-GW-Edition: BehavesLike.Win32.Infected.bm
FireEye: Trojan.Generic.31456898
Sophos: Mal/Generic-S
GData: Trojan.Generic.31456898
Jiangmin: Trojan.DiskWriter.ark
Avira: TR/DiskWriter.enmvc
Antiy-AVL: Trojan/Win32.DiskWriter
Arcabit: Trojan.Generic.D1DFFE82
ZoneAlarm: HEUR:Trojan.Win32.DiskWriter.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
VBA32: Trojan.DiskWriter
ALYac: Trojan.Generic.31456898
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.3851625662
Panda: Trj/Chgt.AA
Rising: Trojan.Generic@AI.100 (RDML:BRqJVVXGITguw/PRTLw1OQ)
Ikarus: Trojan.DiskWriter
MaxSecure: Trojan.Malware.73716977.susgen
Fortinet: Malicious_Behavior.SB
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Malware.AI.3851625662?

Malware.AI.3851625662 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.