Malware.AI.3942437033 (file analysis)

The Malware.AI.3942437033 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3942437033 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.3942437033?


File Info:
name: E2540D4A462D0EA1B022.mlw
path: /opt/CAPEv2/storage/binaries/d0cb96c4f4b0ecdb9a59f816405d71d5a45ce4b8fe188b355add8ea8e0246624
crc32: B507D65F
md5: e2540d4a462d0ea1b022d81b2dc6803b
sha1: 5e7b358c214ec69fb22f8fa58413c345a0af7ca6
sha256: d0cb96c4f4b0ecdb9a59f816405d71d5a45ce4b8fe188b355add8ea8e0246624
sha512: 3f36e822902c954ed9157148367dc56cab5cbdeb8de3c05bce4334c8505dbf25b2b2392933281717979c296276bb2e98c02860a42da7c4c2bc4df1c949c15afe
ssdeep: 6144:oTJFBDQuZhSlikfbjUl9oGvSWlL24atTBJSi:oTJ4uulHTjACeSP4atTD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T193948C35402D0C63C3BABC3CF695D0E152E106EA5AB70CDAFA55847A59F1CAC971E2CB
sha3_384: 10c1813d073d034228617bd7c54c030a3e6efea3db8d692d07e99cc08e4cbf8dc19d5b6fc8af2a5df0ed146d5a9393a0
ep_bytes: 558bec6aff68a01c45006876bf440064
timestamp: 2010-06-09 10:31:35

Version Info:
0: [No Data]

Malware.AI.3942437033 also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.91095
FireEye	Generic.mg.e2540d4a462d0ea1
CAT-QuickHeal	W32.Agent.EA
ALYac	Trojan.GenericKDZ.91095
Malwarebytes	Malware.AI.3942437033
Zillya	Backdoor.Banito.Win32.713
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Trojan ( 00050a041 )
K7GW	Trojan ( 00050a041 )
Cybereason	malicious.a462d0
BitDefenderTheta	AI:Packer.4A265FBD1F
VirIT	Trojan.Win32.Agent.FQQ
Cyren	W32/Unruy.H.gen!Eldorado
Symantec	W32.Unruy.A
ESET-NOD32	a variant of Win32/Obfuscated.NEZ
Baidu	Win32.Backdoor.Gpigeon2010.a
TrendMicro-HouseCall	TROJ_UNRUY.SMKV
ClamAV	Win.Trojan.Unruy-5880
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.GenericKDZ.91095
NANO-Antivirus	Trojan.Win32.Bandito.fttdkf
Cynet	Malicious (score: 100)
SUPERAntiSpyware	Trojan.Agent/Gen-Banito
Avast	Win32:Unruy-N [Trj]
Tencent	Trojan.Win32.Banito.a
Ad-Aware	Trojan.GenericKDZ.91095
Emsisoft	Trojan.GenericKDZ.91095 (B)
Comodo	TrojWare.Win32.Agent.QTV@4pnpwk
DrWeb	BackDoor.Bandito.1485
VIPRE	Trojan.GenericKDZ.91095
TrendMicro	TROJ_UNRUY.SMKV
McAfee-GW-Edition	BehavesLike.Win32.PWSZbot.gm
Sophos	ML/PE-A + Mal/Unruy-D
APEX	Malicious
Jiangmin	Trojan/Generic.bhtwn
Webroot	W32.Downloader.Gen
Avira	W32/Agent.EA
Antiy-AVL	Trojan/Generic.ASMalwS.B28
Arcabit	Trojan.Generic.D163D7
ViRobot	Backdoor.Win32.A.Banito.980054
GData	Win32.Trojan.PSE1.1S1F4JL
Google	Detected
AhnLab-V3	Trojan/Win32.Unruy.C73140
McAfee	Downloader-BZH.gen.a
MAX	malware (ai score=83)
VBA32	BScope.Trojan.TE.01527
Rising	Backdoor.Win32.Gpigeon2010.aai (CLASSIC)
Yandex	Trojan.Agent!kVB9IwjmIho
SentinelOne	Static AI – Malicious PE
MaxSecure	Virus.W32.Renamer.E
Fortinet	W32/Generic.AC.1465!tr
AVG	Win32:Unruy-N [Trj]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Malware.AI.3942437033?

Malware.AI.3942437033 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X