How to remove “Malware.AI.3871486514”?

Malware.AI.3871486514 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3871486514 virus do?

  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3871486514?


File Info:

name: D6B27561144CC858D7DF.mlw
path: /opt/CAPEv2/storage/binaries/fe5dd2a6d0e7552537c24c4c7bc33ff49108d543a45fb991070c5ebc0087fcf6
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-03-17 22:23:25

Version Info:

FileDescription: Lineange2 Revolution Bot - https://www.djmbot.com
FileVersion: 3.8.8
LegalCopyright: © https://www.djmbot.com
ProductName: DJMBotLin2Rev
ProductVersion: 3.8.8
Translation: 0x0809 0x04b0

Malware.AI.3871486514 is also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
Skyhigh: BehavesLike.Win32.TrojanAitInject.vc
McAfee: Artemis!D6B27561144C
Malwarebytes: Malware.AI.3871486514
CrowdStrike: win/malicious_confidence_90% (W)
APEX: Malicious
ClamAV: Win.Trojan.Agent-6825810-0-6852456-0
Ikarus: Dropper.AutoIt
Webroot: W32.Dropper.Gen
Google: Detected
Xcitium: Malware@#1fsekonyw7unl
Microsoft: Trojan:Win32/Zpevdo.A
AhnLab-V3: Malware/Gen.Generic.C2619610
Panda: Hacktool/GameBot
SentinelOne: Static AI – Suspicious PE
DeepInstinct: MALICIOUS

How to remove Malware.AI.3871486514?

Malware.AI.3871486514 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
