Should I remove “Malware.AI.3931432970”?

Malware.AI.3931432970 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3931432970 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Spanish (Modern)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Malware.AI.3931432970?


File Info:

name: 3F271401279D716F1DB1.mlw
path: /opt/CAPEv2/storage/binaries/008261d02c1449df17cf39287cb5e4984a9f5c4bf6e918e8083a98ce2ca2b6d7
crc32: F532C9FE
md5: 3f271401279d716f1db10f6a58fb2bad
sha1: f9a5275dac7f175b4740a357bb3664c073ffc093
sha256: 008261d02c1449df17cf39287cb5e4984a9f5c4bf6e918e8083a98ce2ca2b6d7
sha512: 1a1ccd379841b0871fa54055b52c37c62da8ce90903189ed72f95f38b762fe89dd44c318ba8101994331e48cd8aa185ef667f022a6bbcf00d8066ef522acf747
ssdeep: 6144:ENoeuW476DjhzduznQrMt1Dn6RNmQ+sfyhhUqkiDrVBMNibpOy23QdujRjLG1zKn:7eTo/Sy21jrqZkVfO2L
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18F748317FA50B00AD987C4702929D966AC26BD761580AD07F3C53F1BA2F16E3A4F271F
sha3_384: 2d4be5c283f6fd704041c0122fc5986f13b97e8b9901efbcaafbc0f2f7c86a4528e545289c2d47a30c6f6f3070841e84
ep_bytes: 68c4424000e8f0ffffff000000000000
timestamp: 2017-07-17 16:11:14

Version Info:

Translation: 0x0c0a 0x04b0
CompanyName: Out Of Bounds
FileDescription: Net Send Tool
LegalCopyright: Disclaimer: COMPANY makes no representations or warranties, express or implied, with respect to this application or any part thereof, including any warrantees of title, noninfringement of copyright or patent rights of others, merchantability, or suitability for any purpose. COMPANY accepts no responsibility for any financial or other loss or damage that may result from its use. Losses that may result from the use of this product lies solely with the user of this product. Use of this application by USER constitutes understanding and acceptance of this claim.
ProductName: Out Of Bounds EXTREME Netsender
FileVersion: 1.00
ProductVersion: 1.00
InternalName: ExtremeNetSend
OriginalFilename: ExtremeNetSend.exe

Malware.AI.3931432970 also known as:

Lionic: Trojan.Win32.Xtrat.4!c
MicroWorld-eScan: Gen:Variant.Jaiks.2456
FireEye: Generic.mg.3f271401279d716f
CAT-QuickHeal: Trojan.XtratVMF.S21201482
McAfee: GenericRXCC-JE!3F271401279D
Cylance: Unsafe
Zillya: Trojan.GenKryptik.Win32.9254
Sangfor: Backdoor.Win32.Xtrat.8
K7AntiVirus: Trojan ( 005127021 )
BitDefender: Gen:Variant.Jaiks.2456
K7GW: Trojan ( 005127021 )
Cybereason: malicious.1279d7
BitDefenderTheta: Gen:NN.ZevbaF.34582.vm2@aOBgBMR
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/GenKryptik.APGH
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Xtrat.aatm
Alibaba: Trojan:Win32/Xtrat.5e8f9b8f
NANO-Antivirus: Trojan.Win32.Xtrat.ercipi
APEX: Malicious
Rising: Backdoor.Xtrat!8.B25 (CLOUD)
Ad-Aware: Gen:Variant.Jaiks.2456
Emsisoft: Gen:Variant.Jaiks.2456 (B)
Comodo: Malware@#33jbpks4pk6u5
DrWeb: Trojan.VbCrypt.250
VIPRE: Gen:Variant.Jaiks.2456
McAfee-GW-Edition: BehavesLike.Win32.Generic.fm
Sophos: Mal/Trickbot-E
Ikarus: Trojan.Win32.Krypt
Jiangmin: Trojan.Xtrat.afk
Avira: HEUR/AGEN.1226053
Antiy-AVL: Trojan/Generic.ASMalwS.29A
Microsoft: Backdoor:Win32/Xtrat.AC
GData: Gen:Variant.Jaiks.2456
Cynet: Malicious (score: 99)
VBA32: TScope.Trojan.VB
ALYac: Gen:Variant.Jaiks.2456
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.3931432970
Panda: Trj/CI.A
Tencent: Malware.Win32.Gencirc.114978dc
Yandex: Trojan.Xtrat!/MLIa9N/vy8
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.W32.Multi.Generic
Fortinet: W32/Injector.EHLH!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3931432970?

Malware.AI.3931432970 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
