Malware.AI.3859429535 (file analysis)

Malware Removal

Malware.AI.3859429535 is the Malwarebytes detection name for the sample analysed below; most other vendors classify the same file as a TeviRat backdoor or a generic trojan dropper. When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can Malware.AI.3859429535 do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Created a service that was not started
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3859429535?

File Info:

name: B18464453CB996565F35.mlw
path: /opt/CAPEv2/storage/binaries/9aea2881f201f3c8a6f5448abc70ce92f62e443796e4033edc9354e180dca3e9
crc32: AF2BB88A
md5: b18464453cb996565f35ce60c895b1a2
sha1: e76f6807493ddd2ec32e27573d1c90ff6f452876
sha256: 9aea2881f201f3c8a6f5448abc70ce92f62e443796e4033edc9354e180dca3e9
sha512: a46c9dd949e6c48203e763170449c73055331e28e1361e3582d62980b06175ca99d2f7bc263fb80eb11e71726154430b2df6d8df12506dd863a9f47dac8813e3
ssdeep: 49152:AGd/XGhILOQYVdaszvOjDA46iYFt/IyuDFgl3LaOKz:dikOQYVdagGDA4/Yj/ItD+3OOKz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10885338991C50C7DE0618F393D326D455F4B3D665938F1053FFC872F2A3BA92A34AA4A
sha3_384: 9709ff86a8bb255561454ec72d853f422fe1cf5c06163ed86420382fd25020045412412d8dae1fb70969d79fbf66523c
ep_bytes: 558bec83c4cc53565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: LjyFlashFix Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4
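The hashes listed above are the indicators to match a suspect file against, and several of the CAPE findings (overlay data, an unknown section name, the 1992 timestamp) can be read straight from the PE headers. Two caveats apply when reading that list: the timestamp 1992-06-19 22:22:17 is 0x2A425E19, the fixed TimeDateStamp that the Delphi/Borland linker writes into every binary it produces, so for an Inno Setup installer it is expected rather than evidence of tampering; and an Inno Setup installer always carries its compressed payload as overlay data after the last section and drops and runs files by design. The meaningful signal here is the vendor consensus on TeviRat, not those installer traits on their own. The following is an added example, not code from this page, from GridinSoft or from CAPE: it hashes a file and compares the digests with the ones listed here, then parses the COFF and section headers to report the link timestamp, section names and overlay size. Because the real sample cannot ship with the page, it runs on a constructed minimal PE built in `build_sample_pe` (synthetic bytes with a made-up `.xyz0` section name standing in for the packer section), and the `COMMON_SECTIONS` list is an assumed baseline of names a stock MSVC or Delphi build would carry.

```python
"""Added example: hash-match a file against the page's IOCs and read the PE header
facts (timestamp, section names, overlay) that CAPE's behavioural list refers to.
Not the page's or GridinSoft's code; runs on a constructed PE, not the real sample."""
import hashlib
import struct
from datetime import datetime, timezone

# Hashes published on this page for B18464453CB996565F35.mlw.
PAGE_IOCS = {
    "md5": "b18464453cb996565f35ce60c895b1a2",
    "sha1": "e76f6807493ddd2ec32e27573d1c90ff6f452876",
    "sha256": "9aea2881f201f3c8a6f5448abc70ce92f62e443796e4033edc9354e180dca3e9",
}

# Fixed TimeDateStamp written by the Delphi/Borland linker: 1992-06-19 22:22:17 UTC.
DELPHI_TIMESTAMP = 0x2A425E19

# Assumed baseline of section names a stock MSVC or Delphi/Inno Setup build carries.
COMMON_SECTIONS = {".text", ".data", ".rdata", ".bss", ".idata", ".edata", ".rsrc",
                   ".reloc", ".tls", ".pdata", "CODE", "DATA", "BSS"}


def hash_bytes(data):
    """md5/sha1/sha256 hex digests of a file's content, keyed like PAGE_IOCS."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def matching_iocs(data, iocs=PAGE_IOCS):
    """Names of the algorithms whose published digest equals the file's digest."""
    digests = hash_bytes(data)
    return sorted(alg for alg, value in iocs.items() if digests.get(alg) == value.lower())


def parse_pe(data):
    """Read the COFF header and section table; overlay = bytes past the last section."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    machine, nsect, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size          # section table follows the optional header
    sections, end_of_sections = [], 0
    for i in range(nsect):
        name, _vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "vaddr": vaddr, "raw_size": rsize, "raw_ptr": rptr})
        end_of_sections = max(end_of_sections, rptr + rsize)
    return {
        "machine": machine,
        "timestamp": ts,
        "timestamp_utc": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": sections,
        "overlay_size": max(0, len(data) - end_of_sections),
    }


def triage(data, iocs=PAGE_IOCS):
    """Combine hash matching with the header checks CAPE's findings refer to."""
    pe = parse_pe(data)
    findings = []
    if pe["timestamp"] == DELPHI_TIMESTAMP:
        findings.append("delphi_linker_timestamp")   # expected for Inno Setup, not spoofing
    unknown = [s["name"] for s in pe["sections"] if s["name"] not in COMMON_SECTIONS]
    if unknown:
        findings.append("unknown_section_names:" + ",".join(unknown))
    if pe["overlay_size"]:
        findings.append(f"overlay:{pe['overlay_size']}")  # Inno Setup keeps its payload here
    hits = matching_iocs(data, iocs)
    if hits:
        findings.append("hash_match:" + ",".join(hits))
    return {"pe": pe, "findings": findings}


def build_sample_pe():
    """Constructed input: a minimal PE32 with Delphi-style sections, the Delphi
    timestamp, one made-up section name (.xyz0) and a short overlay. Not the real sample."""
    sections = [(b"CODE", 0x1000), (b"DATA", 0x2000), (b".rsrc", 0x3000), (b".xyz0", 0x4000)]
    raw_size, opt_size, headers_size = 0x200, 0xE0, 0x200
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), DELPHI_TIMESTAMP, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    table, raw_ptr = b"", headers_size
    for name, vaddr in sections:
        table += struct.pack("<8sIIIIIIHHI", name, raw_size, vaddr, raw_size, raw_ptr,
                             0, 0, 0, 0, 0x60000020)
        raw_ptr += raw_size
    image = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table).ljust(headers_size, b"\0")
    image += bytes(raw_size * len(sections))                     # zero-filled section bodies
    return image + b"CONSTRUCTED-OVERLAY" * 3                    # 57 bytes past the last section


if __name__ == "__main__":
    result = triage(build_sample_pe())
    print(result["pe"]["timestamp_utc"], result["findings"])
```

To use it on a real file, pass `open(path, "rb").read()` to `triage`; a `hash_match` finding against `PAGE_IOCS` is a confirmed match for the sample on this page, while the timestamp and overlay findings alone only tell you the file was built with a Delphi-based installer such as Inno Setup.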

Malware.AI.3859429535 is also known as:

Lionic: Trojan.Win32.TeviRat.4!c
Elastic: malicious (moderate confidence)
McAfee: Artemis!B18464453CB9
Malwarebytes: Malware.AI.3859429535
Sangfor: Dropper.Win32.Tevirat.Vns4
K7AntiVirus: Trojan ( 005722f11 )
Alibaba: Backdoor:Win32/TeviRat.27e983cc
K7GW: Trojan ( 005722f11 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: Backdoor.Win32.TeviRat.cpm
Avast: Win32:Trojan-gen
Tencent: Win32.Backdoor.Tevirat.Pnkl
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1251208
DrWeb: Trojan.MulDrop21.46540
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1251208
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: Backdoor.Win32.TeviRat.cpm
AhnLab-V3: Trojan/Win.Generic.R560234
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CC223
Ikarus: Trojan-Dropper.Win32.Agent
Fortinet: W32/Agent.SLC!tr
AVG: Win32:Trojan-gen

How to remove Malware.AI.3859429535?

Malware.AI.3859429535 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.