
About “Malware.AI.3882482560” infection

Malware Removal

Malware.AI.3882482560 is the Malwarebytes detection name for a sample that most of the antivirus engines listed below also flag as malicious. While the infection is active you may notice unfamiliar processes in the Task Manager process list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
A 6-day free trial is available.

What Malware.AI.3882482560 virus can do?

The behaviours below are the CAPE sandbox signatures that fired when the sample was detonated (static findings about the file plus actions observed at run time):

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify Malware.AI.3882482560?

The file hashes below identify this exact sample; compare a suspect file's SHA-256 (or MD5/SHA-1) against them. The other fields need a caveat: the ep_bytes value (60 BE .. 8D BE .. 57 83 CD FF) is the generic UPX entry stub that every UPX-packed PE32 shares, and the timestamp 1992-06-19 22:22:17 is the fixed value (0x2A425E19) that Delphi-built executables carry regardless of when they were actually compiled. Neither field identifies this sample on its own, although the entry bytes are consistent with the "compressed using UPX" finding above.

File Info:

name: 398824E4D665928FC438.mlw
path: /opt/CAPEv2/storage/binaries/3c119682e05a384141d5f84bf282a52f1addaa0e28cb83ead6ac31f93edc6eff
crc32: 626EDFA3
md5: 398824e4d665928fc438902641bf6f11
sha1: 7573b30ab56aedf0fc220c78631bfe3f66036b30
sha256: 3c119682e05a384141d5f84bf282a52f1addaa0e28cb83ead6ac31f93edc6eff
sha512: 6e284ff7d33d72c2956c99713f1871f096ab00293044300b7846cb31f29d5e98d2f296382d56dfd21fb04b13ca8642fe4dfa2f8f443da8ddf6d454d71774c2b8
ssdeep: 1536:bKiJCGGi39mF358pQHwdYHpOhczr0uqPf+bJGx0khEnOzk:bKHi39ExqKAhW0uAwQx3uO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1279312AADD1D4872E56137BF031E2F914EAE6E1798957BF94DA037E9A0310C644CB02B
sha3_384: 469089c9fd223d3b87b868646a56fe0be38dd34023a428537f832cd49a5ddaa9eccd91db55c275afe70ac566f7c8d978
ep_bytes: 60be00d041008dbe0040feff5783cdff
timestamp: 1992-06-19 22:22:17
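
As an added example (not code from the page, from GridinSoft or from CAPE), the following Python script turns the File Info block into a triage check: it hashes a file and compares it with the SHA-256 listed above, parses the PE header with the standard library only (no pefile) to read the compile timestamp, the section names and the 16 bytes at the entry point, and flags the generic UPX entry stub and the fixed Delphi timestamp. The sample itself is not available here, so `build_demo_pe()` constructs a stand-in PE shell that carries the page's ep_bytes and timestamp; the IOC values are copied from the list above, and everything else (function names, the synthetic PE layout) is the example's own assumption.

```python
import datetime
import hashlib
import struct

# Indicators copied from the "File Info" block above (the sample itself is not on the page).
PAGE_IOCS = {
    "md5": "398824e4d665928fc438902641bf6f11",
    "sha1": "7573b30ab56aedf0fc220c78631bfe3f66036b30",
    "sha256": "3c119682e05a384141d5f84bf282a52f1addaa0e28cb83ead6ac31f93edc6eff",
}
PAGE_EP_BYTES = bytes.fromhex("60be00d041008dbe0040feff5783cdff")
DELPHI_TIMESTAMP = 0x2A425E19  # 1992-06-19 22:22:17 UTC, the constant Delphi linkers write


def hashes(data: bytes) -> dict:
    """Digests in the algorithms the page lists (ssdeep/tlsh need third-party libraries)."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256", "sha512")}


def looks_like_upx_stub(ep: bytes) -> bool:
    """UPX PE32 entry stub: pushad / mov esi,imm32 / lea edi,[esi+imm32] / push edi / or ebp,-1.
    Only the opcode bytes are compared; the immediates differ from binary to binary."""
    return len(ep) >= 16 and ep[0:2] == b"\x60\xbe" and ep[6:8] == b"\x8d\xbe" and ep[12:16] == b"\x57\x83\xcd\xff"


def parse_pe(data: bytes) -> dict:
    """Minimal PE reader: COFF timestamp, section table and the 16 bytes at the entry point."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    _machine, nsec, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint (same offset in PE32/PE32+)
    sections = []
    for i in range(nsec):
        name, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + i * 40)
        sections.append({"name": name.rstrip(b"\0"), "vsize": vsize, "va": va, "rawsize": rawsize, "rawptr": rawptr})
    ep_bytes = b""
    for s in sections:  # map the entry RVA to a file offset through the section that contains it
        if s["va"] <= ep_rva < s["va"] + max(s["vsize"], s["rawsize"]):
            off = s["rawptr"] + (ep_rva - s["va"])
            ep_bytes = data[off:off + 16]
            break
    return {"timestamp": timestamp, "sections": sections, "ep_rva": ep_rva, "ep_bytes": ep_bytes}


def triage(data: bytes) -> dict:
    """Combine the hash check with the static packer/compiler hints the page lists."""
    h = hashes(data)
    pe = parse_pe(data)
    ts = datetime.datetime.fromtimestamp(pe["timestamp"], tz=datetime.timezone.utc)
    return {
        "hash_match": h["sha256"] == PAGE_IOCS["sha256"],       # the only finding that pins this sample
        "upx_stub": looks_like_upx_stub(pe["ep_bytes"]),
        "upx_sections": any(s["name"].startswith(b"UPX") for s in pe["sections"]),
        "delphi_timestamp": pe["timestamp"] == DELPHI_TIMESTAMP,
        "timestamp": ts.strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": pe["ep_bytes"].hex(),
        "sha256": h["sha256"],
    }


def build_demo_pe() -> bytes:
    """Constructed stand-in for the sample (not the real file): a two-section PE32 shell with
    UPX0/UPX1 names, the page's entry bytes and the Delphi timestamp, and no real code."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)  # e_lfanew -> 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, DELPHI_TIMESTAMP, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2000)      # AddressOfEntryPoint, inside UPX1
    struct.pack_into("<I", opt, 28, 0x400000)    # ImageBase
    struct.pack_into("<I", opt, 32, 0x1000)      # SectionAlignment
    struct.pack_into("<I", opt, 36, 0x200)       # FileAlignment

    def section(name, vsize, va, rawsize, rawptr):
        return struct.pack("<8sIIIIIIHHI", name, vsize, va, rawsize, rawptr, 0, 0, 0, 0, 0xE0000020)

    headers = dos + b"PE\0\0" + coff + bytes(opt)
    headers += section(b"UPX0", 0x1000, 0x1000, 0, 0) + section(b"UPX1", 0x1000, 0x2000, 0x200, 0x200)
    return headers.ljust(0x200, b"\0") + PAGE_EP_BYTES.ljust(0x200, b"\0")


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_demo_pe()
    for key, value in triage(data).items():
        print(f"{key:17} {value}")
```

Run it with the path of a suspect file, or with no argument to run against the constructed stand-in. Only a hash match ties a file to this sample; the UPX stub and the Delphi timestamp are shared by many benign binaries, so treat them as packer and compiler hints. Checking the entry bytes rather than the section names is deliberate: UPX-packed files with renamed sections still start with the same stub.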

Version Info:

0: [No Data]

Malware.AI.3882482560 also known as (vendor: detection name):

Elastic: malicious (moderate confidence)
MicroWorld-eScan: Generic.Malware.SFB!dld!g.38518CE0
ClamAV: Win.Malware.Sfbdldg-7108252-0
FireEye: Generic.mg.398824e4d665928f
McAfee: PUP-XKY-HR
Cylance: Unsafe
VIPRE: Generic.Malware.SFB!dld!g.38518CE0
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0040f75f1 )
K7GW: Trojan ( 0040f75f1 )
CrowdStrike: win/malicious_confidence_90% (W)
Baidu: Win32.Trojan-Spy.QQSpy.a
VirIT: Trojan.Win32.SHeur4.CBBH
Symantec: Trojan Horse
ESET-NOD32: Win32/Spy.QQSpy.I
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Dropper.Win32.Dorifel.aiez
BitDefender: Generic.Malware.SFB!dld!g.38518CE0
NANO-Antivirus: Trojan.Win32.Dorifel.focovm
Avast: Win32:Trojan-gen
Tencent: Trojan.Win32.QQPass.aft
Ad-Aware: Generic.Malware.SFB!dld!g.38518CE0
Emsisoft: Generic.Malware.SFB!dld!g.38518CE0 (B)
Comodo: TrojWare.Win32.Spy.QQSpy.I@56181c
DrWeb: Trojan.DownLoader10.62546
Zillya: Dropper.Dorifel.Win32.12318
TrendMicro: TROJ_DORIFEL_EJ050099.UVPM
McAfee-GW-Edition: BehavesLike.Win32.Ipamor.mc
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A + Mal/Behav-214
Ikarus: Trojan.Win32.Slefdel
GData: Generic.Malware.SFB!dld!g.38518CE0
Jiangmin: Trojan/Slefdel.bbx
Webroot: W32.Malware.Gen
Avira: TR/Spy.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Hupigon.C7754
Acronis: suspicious
VBA32: Win32.Trojan.Dropper.Heur
ALYac: Generic.Malware.SFB!dld!g.38518CE0
MAX: malware (ai score=80)
Malwarebytes: Malware.AI.3882482560
TrendMicro-HouseCall: TROJ_DORIFEL_EJ050099.UVPM
Rising: Spyware.QQSpy!1.A2D6 (CLASSIC)
Yandex: Trojan.Agent!B6sVkU3Z58k
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic.AC.238EA9!tr
BitDefenderTheta: AI:Packer.76B77AB420
AVG: Win32:Trojan-gen
Cybereason: malicious.4d6659

How to remove Malware.AI.3882482560?

Malware.AI.3882482560 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

Because the sample modifies proxy settings and creates a copy of itself (see the behaviour list above), confirm after the restart that the system proxy is back to its expected value and that no dropped copy of the executable remains.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.