Malware.AI.3945386922 removal instruction

The Malware.AI.3945386922 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3945386922 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine Malware.AI.3945386922?


File Info:
name: A9DCA9457B4D5A68EE58.mlw
path: /opt/CAPEv2/storage/binaries/d4cc322951efcfc5619691d60183483c041363edd80de948d34535558a508bbb
crc32: F4BFBAA0
md5: a9dca9457b4d5a68ee584a42a1f8123e
sha1: da8bc60558e3bc734fd16134ec83ce158d0e1351
sha256: d4cc322951efcfc5619691d60183483c041363edd80de948d34535558a508bbb
sha512: e78d1a40131aabb02eae23281e2ca73f1f44f882507e9c16bf9cd7702f1b7b14864b1772a7f90763f851bf66e557ae6ea3100f506139bd0d6c791a6b3c603734
ssdeep: 3072:I0Wy0DLSo2q+0UvyWlF5ZrUnymi6Ms8J:z90DursAlFsnyq8
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1F5B3023FA5794377D9B91F3B4BE3C39186E9CA000702571F3AF5614B2D83A828E62695
sha3_384: 647810e28f9e3e0b168bca78693c4e3bd8df446b72087ba83ba4af11f3923082c16a84cdaa98be993451905c82dd7329
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2095-09-14 12:14:11

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: WindowsApp2
FileVersion: 1.0.0.0
InternalName: WindowsApp2.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: WindowsApp2.exe
ProductName: WindowsApp2
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Malware.AI.3945386922 also known as:

Elastic	malicious (high confidence)
DrWeb	BackDoor.Bladabindi.15771
MicroWorld-eScan	Gen:Variant.Bulz.287404
FireEye	Generic.mg.a9dca9457b4d5a68
McAfee	GenericRXQX-XF!A9DCA9457B4D
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Backdoor:MSIL/Bladabindi.36b1aaad
Cyren	W64/MSIL_Kryptik.GFA.gen!Eldorado
ESET-NOD32	a variant of MSIL/Kryptik.MDH
APEX	Malicious
Kaspersky	HEUR:Backdoor.MSIL.Bladabindi.gen
BitDefender	Gen:Variant.Bulz.287404
Avast	Win64:RATX-gen [Trj]
Ad-Aware	Gen:Variant.Bulz.287404
TrendMicro	TROJ_GEN.R002C0WL321
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Gen:Variant.Bulz.287404 (B)
Ikarus	Trojan.MSIL.Crypt
Avira	TR/AD.Bladabindi.gmush
MAX	malware (ai score=89)
Gridinsoft	Ransom.Win64.Sabsik.sa
Microsoft	Backdoor:MSIL/Bladabindi.AJ
GData	Gen:Variant.Bulz.287404
Cynet	Malicious (score: 99)
ALYac	Gen:Variant.Bulz.287404
Malwarebytes	Malware.AI.3945386922
TrendMicro-HouseCall	TROJ_GEN.R002C0WL321
Tencent	Win32.Trojan.Bulz.Lpvg
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/Kryptik.MDH!tr
AVG	Win64:RATX-gen [Trj]
Cybereason	malicious.57b4d5

How to remove Malware.AI.3945386922?

Malware.AI.3945386922 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X