About “Malware.AI.3916707661” infection

The Malware.AI.3916707661 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3916707661 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Malware.AI.3916707661?


File Info:
name: 9A8BF71A5E6EDDB78AA9.mlw
path: /opt/CAPEv2/storage/binaries/dfbc5e00e753e956d9d9f5ba03d1bc7dfd556271ffca73694f0eaa77dc5cdb2b
crc32: F520524C
md5: 9a8bf71a5e6eddb78aa957b63e4350e7
sha1: 0cac049f80869a46424c3b0c36ec3dab8e1657ab
sha256: dfbc5e00e753e956d9d9f5ba03d1bc7dfd556271ffca73694f0eaa77dc5cdb2b
sha512: 7114536e4a4675b1dc779559c6309b324e177c098198344199148580758e14f17241aab269f6af74f8b345342ffb0904f71a99a722781f3e7c8566a72b93cf8d
ssdeep: 12288:zNNdjaVzdYTAnTi7QgiciKdsAqjXSIkPjpIV04S5DjfQI:2TiEgHlK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15AF4C86026FE5414E1739AF277D0B3619BAAAFEE22767FE850C07ECA4B017404D741AD
sha3_384: e9d8cbd34d86c7c9dbf02ee9fee84a4c173328ddd4bd46030e92595caf197727d0cc29b51ec6ad4eb80411b4eb5bfbd4
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-07-26 01:15:28

Version Info:
Translation: 0x0000 0x04b0
Comments: Windows 服务主进程
CompanyName: Microsoft Corporation
FileDescription: svchost.exe
FileVersion: 8.1.3.2145
InternalName: svchost.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: svchost.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 8.1.3.2145
Assembly Version: 2.9.5.4447

Malware.AI.3916707661 also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.MSIL.Krypt.!cdmip!.2
FireEye	Generic.mg.9a8bf71a5e6eddb7
McAfee	Artemis!9A8BF71A5E6E
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
BitDefenderTheta	Gen:NN.ZemsilF.34806.Tm0@aiFUznp
Cyren	W32/Trojan.DIS.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.AFDE
APEX	Malicious
Kaspersky	UDS:Trojan.Win32.GenericML.xnet
BitDefender	Gen:Heur.MSIL.Krypt.!cdmip!.2
Avast	Win32:CrypterX-gen [Trj]
Tencent	Trojan.Win32.Coinminer.16000500
Ad-Aware	Gen:Heur.MSIL.Krypt.!cdmip!.2
Sophos	ML/PE-A
VIPRE	Gen:Heur.MSIL.Krypt.!cdmip!.2
McAfee-GW-Edition	Artemis
Trapmine	suspicious.low.ml.score
Emsisoft	Gen:Heur.MSIL.Krypt.!cdmip!.2 (B)
Ikarus	Trojan.MSIL.Crypt
Avira	HEUR/AGEN.1248318
MAX	malware (ai score=83)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Heur.MSIL.Krypt.!cdmip!.2
Cynet	Malicious (score: 100)
Acronis	suspicious
VBA32	CIL.StupidStealth.Heur
ALYac	Gen:Heur.MSIL.Krypt.!cdmip!.2
Malwarebytes	Malware.AI.3916707661
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Lazy.1756!tr
AVG	Win32:CrypterX-gen [Trj]
Cybereason	malicious.a5e6ed

How to remove Malware.AI.3916707661?

Malware.AI.3916707661 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X