How to remove “Malware.AI.3948726999”?

Malware Removal

Malware.AI.3948726999 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3948726999 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • CAPE detected the PyInstaller malware family

How to identify Malware.AI.3948726999?

File Info:

name: 35DE75A4B4C940F4D949.mlw
path: /opt/CAPEv2/storage/binaries/c4274ab7788047c523ec143557ae61072a8cd9a5405259c6dddf0ed148c36a27
crc32: 4F73C276
md5: 35de75a4b4c940f4d949091ab9a3a66b
sha1: 038038a22a28ba4ce0bd4c078af42486ff5c4af0
sha256: c4274ab7788047c523ec143557ae61072a8cd9a5405259c6dddf0ed148c36a27
sha512: 2aa7930001f852e2b399a86090f7efe6390cb9baca6d04819039fdc04d4ad1b85e239846f72a0f34fa31d6c538c53f98aaf586ee24c3067c3863b14768f81418
ssdeep: 196608:P/i0MhC+BTX1QFhjwt25Hnuz48RmU/3ZlsPvXfHTvN8Ca8koJH0Lm1mkeUh6+9:HilAuOHuztN3ZWXfTQxoYHkXr9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B3C623E0BA908179D46D9B37C101B4EF823E6E817E2FE3598D5478E93EB33D47A14522
sha3_384: dd76120e8e455af112ff9459bde74d6b239f637cd344c8e01309fa936e5dc4cf9b56260fbfad7c70e4fd9bdf6bcb8bb0
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-03-22 19:08:47

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: NumLookup.exe
LegalCopyright:
OriginalFilename: NumLookup.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Malware.AI.3948726999 also known as:

Lionic: Trojan.MSIL.RRAT.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ser.MSILHeracles.270
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
McAfee: GenericRXTH-XT!35DE75A4B4C9
Cylance: Unsafe
VIPRE: Gen:Variant.Ser.MSILHeracles.270
Sangfor: Riskware.Win32.Agent.ky
K7AntiVirus: Trojan ( 005571e01 )
BitDefender: Gen:Variant.Ser.MSILHeracles.270
K7GW: Trojan ( 005571e01 )
Cybereason: malicious.4b4c94
Cyren: W32/MSIL_Kryptik.GHW.gen!Eldorado
Symantec: Trojan.Dropper!g4
ESET-NOD32: a variant of MSIL/TrojanDropper.Agent.EHR
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: UDS:DangerousObject.Multi.Generic
Alibaba: Trojan:MSIL/Bladabindi.e153007b
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:pEQJgwvrnwyooOqtmcjVfA)
Ad-Aware: Gen:Variant.Ser.MSILHeracles.270
Sophos: Generic ML PUA (PUA)
F-Secure: Heuristic.HEUR/AGEN.1203084
DrWeb: Trojan.DownLoader33.2025
TrendMicro: TROJ_GEN.R002C0DEB22
McAfee-GW-Edition: GenericRXTH-XT!35DE75A4B4C9
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.35de75a4b4c940f4
Emsisoft: Gen:Variant.Ser.MSILHeracles.270 (B)
Avira: HEUR/AGEN.1203084
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.6A78
Microsoft: Trojan:MSIL/Bladabindi
GData: Gen:Variant.Ser.MSILHeracles.270
Google: Detected
AhnLab-V3: Trojan/Win32.RL_Generic.C4007700
Acronis: suspicious
ALYac: Gen:Variant.Ser.MSILHeracles.270
Malwarebytes: Malware.AI.3948726999
TrendMicro-HouseCall: TROJ_GEN.R002C0DEB22
Tencent: Msil.Trojan.Rrat.Yylw
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Agent.FYL!tr.dldr
BitDefenderTheta: Gen:NN.ZemsilF.34682.@t0@a0mGkae
AVG: Win32:RATX-gen [Trj]
Avast: Win32:RATX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3948726999?

Malware.AI.3948726999 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.