Malware.AI.38950278 removal

The Malware.AI.38950278 detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Malware.AI.38950278 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Collects information about installed applications
  • Attempted to write directly to a physical drive
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Malware.AI.38950278?

File Info:

name: 05DD9282E70C657A9D81.mlw
path: /opt/CAPEv2/storage/binaries/f63a1d85cfdf83d86edf01bcdba8b029a92fbcbf502b441a87fd89efe4d71897
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-10-13 07:47:47

Version Info:

CompanyName: -
FileDescription:
FileVersion: 3.2.0.8
InternalName: FastDownloader.exe
LegalCopyright: Copyright (C) 2018
OriginalFilename: FastDownloader.exe
ProductName: 软件下载器
ProductVersion: 3.2.0.8
Translation: 0x0804 0x04b0

Malware.AI.38950278 also known as:

Elastic: malicious (high confidence)
McAfee: Artemis!05DD9282E70C
Cylance: Unsafe
Zillya: Tool.Downer.Win32.318
Sangfor: PUP.Win32.Agent.mrtv
K7AntiVirus: Riskware ( 0057e1971 )
Alibaba: Downloader:Win32/Downer.3308511f
K7GW: Riskware ( 0057e1971 )
Cybereason: malicious.2e70c6
Cyren: W32/Trojan.AKAA-7955
Symantec: PUA.Gen.2
ESET-NOD32: a variant of Win32/RiskWare.Downer.E
APEX: Malicious
Paloalto: generic.ml
Kaspersky: not-a-virus:Downloader.Win32.Agent.mrtv
SUPERAntiSpyware: PUP.Downer/Variant
Avast: Win32:DangerousSig [Trj]
Tencent: Pua:Adware.Win32.Downloader.16000012
Sophos: Generic PUA PG (PUA)
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Adware.Downware.20037
TrendMicro: PUA.Win32.Downer.DN
McAfee-GW-Edition: BehavesLike.Win32.MaybeSpoofedCert.tc
Ikarus: PUA.RiskWare.Downer
Jiangmin: Downloader.Agent.pcg
Webroot: W32.Adware.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.34FE870
ViRobot: Adware.Downer.1084632
ZoneAlarm: not-a-virus:Downloader.Win32.Agent.mrtv
Microsoft: PUADlManager:Win32/Downer
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win.Installer.R445894
VBA32: Downloader.Agent
Malwarebytes: Malware.AI.38950278
TrendMicro-HouseCall: PUA.Win32.Downer.DN
Rising: Trojan.Bitrep!8.F596 (CLOUD)
MaxSecure: Trojan.Malware.12156347.susgen
Fortinet: Riskware/Downer.DD89
AVG: Win32:DangerousSig [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/grayware_confidence_70% (D)

How to remove Malware.AI.38950278?

Malware.AI.38950278 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.