Malware.AI.3897604615 (file analysis)

The Malware.AI.3897604615 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3897604615 virus can do?

Behavioural detection: Executable code extraction – unpacking
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Malware.AI.3897604615?


File Info:
name: DADF8BDD37B85315AA6D.mlw
path: /opt/CAPEv2/storage/binaries/828dc4e697641c6615799be6b46249c41922ebf15635ecac26a093b8d22a02e7
crc32: 10DEABCF
md5: dadf8bdd37b85315aa6d163b935f3ff7
sha1: 4ff87f8d4166eebb4e395fa7531afe80e50646b7
sha256: 828dc4e697641c6615799be6b46249c41922ebf15635ecac26a093b8d22a02e7
sha512: 07bd38307ce0c9babcad4d5c6106ce5ad69de3f26799065a31f6bf89a8b4a7cbf3278ba90206dc2ed176b89b300d953d97fe76986ce7fcca43832f3a6bc3d0a0
ssdeep: 768:cV90PG690PGw3uYfqhQzFhHpE0lnNHSXtfk2PGv9:I90+690+of+QRhHPlNHSc2+v9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T183533E2637989088F1C4C9311DC79E6848F5BC325441BEAA77D23F6E6F72AD3D4E424A
sha3_384: bc65e813d3b3b5fa3914a110a03cd529859f9f57404fcb425492925d13f9bc8d79efec9f9ab5b22bb8c25fec720680ca
ep_bytes: 6888644000e8eeffffff000000000000
timestamp: 2015-02-04 18:01:17

Version Info:
Translation: 0x0409 0x04b0
ProductName: microsoft
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Project1
OriginalFilename: Project1.exe

Malware.AI.3897604615 also known as:

Bkav	W32.PacdogteyLTAD.Trojan
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Babar.39372
ClamAV	Win.Trojan.Amff22hi-7611200-0
FireEye	Generic.mg.dadf8bdd37b85315
ALYac	Gen:Variant.Babar.39372
Malwarebytes	Malware.AI.3897604615
Sangfor	Trojan.Win32.Agent.Vkr9
Alibaba	TrojanDropper:Win32/Generic.b88c0e91
Cybereason	malicious.d37b85
Arcabit	Trojan.Babar.D99CC
Symantec	Trojan.Zbot
Elastic	malicious (high confidence)
APEX	Malicious
Cynet	Malicious (score: 99)
BitDefender	Gen:Variant.Babar.39372
NANO-Antivirus	Trojan.Win32.KillFiles.dpgayl
Avast	Win32:Malware-gen
Emsisoft	Gen:Variant.Babar.39372 (B)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.KillFiles.25596
VIPRE	Gen:Variant.Babar.39372
McAfee-GW-Edition	BehavesLike.Win32.Infected.kt
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
Avira	TR/Dropper.Gen
GData	Gen:Variant.Babar.39372
Google	Detected
McAfee	Artemis!DADF8BDD37B8
MAX	malware (ai score=80)
VBA32	BScope.TrojanDropper.Dapato
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CEC23
Rising	Trojan.Clicker!8.1972 (TFE:5:1J89VqEGaLK)
Yandex	Trojan.DR.Agent!1IveyAvRC48
Ikarus	Trojan.SuspectCRC
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	AI:Packer.72C992231F
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3897604615?

Malware.AI.3897604615 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X