Malware.AI.3927748087 (file analysis)

The Malware.AI.3927748087 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3927748087 virus can do?

Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Yara detections observed in process dumps, payloads or dropped files

How to determine Malware.AI.3927748087?


File Info:
name: 3C66B78B00EEDB1AEB96.mlw
path: /opt/CAPEv2/storage/binaries/4fdfacb9e2d5a235a214191b148a717c955b78f9f3ea0f31cec34ac681613c04
crc32: 9747BB09
md5: 3c66b78b00eedb1aeb9632dba02c6719
sha1: e3dd26358fe773b8d82f55ee695c2143bbe4a0e2
sha256: 4fdfacb9e2d5a235a214191b148a717c955b78f9f3ea0f31cec34ac681613c04
sha512: 08374189925389784381364204029142636a5bc57c444179987b971012e9abb21b0f10fe44ea454a782c8d832f5ed388c67f26a89092db17a3ef6f6754940c40
ssdeep: 3072:Rac9GMgdDZ7Kub6jtKso0jcN7IP1dnqA1x:Rt0DZ7KM5NkP1dqA1x
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T15CB39D617380D035D0925830AAFA83729A7F383216B5958F77848A780EB37D3E97D767
sha3_384: 3cc3c474dcfa837d2475d7c4065f35f21a67382042f1c256fa86032924b86d2989feb2151a6db11a81aa2595468577fe
ep_bytes: 8bff558bec837d0c017505e877350000
timestamp: 2020-09-09 10:50:12

Version Info:
0: [No Data]

Malware.AI.3927748087 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.DarkGalaxy.m!c
AVG	MBR:Mykings-A [Boot]
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Ursu.907591
FireEye	Gen:Variant.Ursu.907591
Skyhigh	RDN/Generic BackDoor
McAfee	RDN/Generic BackDoor
Malwarebytes	Malware.AI.3927748087
Sangfor	Backdoor.Win32.Darkgalaxy.Vao2
Alibaba	Backdoor:Win32/DarkGalaxy.59ede4fd
BitDefenderTheta	Gen:NN.ZedlaF.36804.gu4@a8I5v3mi
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Generik.LVYEFUS
Cynet	Malicious (score: 99)
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Backdoor.Win32.DarkGalaxy.gen
BitDefender	Gen:Variant.Ursu.907591
NANO-Antivirus	Trojan.Win32.DarkGalaxy.jqapdn
Avast	MBR:Mykings-A [Boot]
Rising	Backdoor.DarkGalaxy!8.E897 (CLOUD)
Emsisoft	Gen:Variant.Ursu.907591 (B)
F-Secure	Backdoor.BDS/Redcap.xrmbw
DrWeb	Trojan.NtRootKit.19689
VIPRE	Gen:Variant.Ursu.907591
TrendMicro	TROJ_GEN.R002C0PDN24
Sophos	Mal/Generic-S
Varist	W32/ABRisk.GPWX-4897
Avira	BDS/Redcap.xrmbw
MAX	malware (ai score=86)
Antiy-AVL	Trojan[Backdoor]/Win32.DarkGalaxy
Microsoft	Trojan:Win32/Wacatac.A!ml
Arcabit	Trojan.Ursu.DDD947
ZoneAlarm	HEUR:Backdoor.Win32.DarkGalaxy.gen
GData	Gen:Variant.Ursu.907591
Google	Detected
AhnLab-V3	Malware/Win32.Generic.C4185007
ALYac	Gen:Variant.Ursu.907591
Cylance	unsafe
Panda	Trj/Chgt.AA
TrendMicro-HouseCall	TROJ_GEN.R002C0PDN24
Tencent	Malware.Win32.Gencirc.14099907
Ikarus	Trojan.SuspectCRC
Fortinet	W32/PossibleThreat
DeepInstinct	MALICIOUS
alibabacloud	Trojan.Win.UnkAgent

How to remove Malware.AI.3927748087?

Malware.AI.3927748087 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X