Malware.AI.3955157594 removal guide

Malware.AI.3955157594 is the Malwarebytes detection name for a sample that almost every engine on the vendor list below also flags, several of them (Kaspersky, Alibaba, Tencent, McAfee) specifically as a trojan downloader. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing malware by hand can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial version lets you run a full scan and clean the PC.
6-day free trial available.

What can Malware.AI.3955157594 do?

The following are the signatures the CAPE sandbox raised for this sample, some from running it and some from the file itself:

  • Behavioural detection: executable code extraction (unpacking at runtime)
  • SetUnhandledExceptionFilter detected (possible anti-debugging)
  • Attempts to connect to a dead IP:port (1 unique address)
  • YARA rule detections observed in a process memory dump, dropped files or CAPE output
  • NtSetInformationThread: attempt to hide a thread from the debugger
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name, indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid

Taken one at a time, several of these (RWX memory, dynamic imports, a hidden thread, VMProtect packing) also occur in legitimate protected software; it is the combination with an invalid signature, a dead network connection and the vendor verdicts below that makes the sample worth treating as malicious.

How to identify Malware.AI.3955157594

File Info:

name: 4199D0324B36553A3F81.mlw
path: /opt/CAPEv2/storage/binaries/7b03adc2a96d8ac3e541d2098bc8fde29058d5e1ea9020b17de55ca47bcfade8
crc32: A65BAA3D
md5: 4199d0324b36553a3f81125f149450e8
sha1: b00940ecbaad23d89376ca8f8defd8f822782d92
sha256: 7b03adc2a96d8ac3e541d2098bc8fde29058d5e1ea9020b17de55ca47bcfade8
sha512: b747ef154bb469472a45628063d7eb8d3d2793e4950b511e38f3a3db690e12935b7fd6ef84c1cd3e256175b473e00df9b63f8fbbdb448660dd348c191a507310
ssdeep: 6144:BJ3S1p2L8V6jL1jDydchgJZuBIqJh9hR1K5HGKwY5PzlNzhse:DKdVgZDyVJZuBhhXKU5IzPV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T135440142E59326E6D87B03302663A92E7F72BC4056665F33E5C53E2E3C3A5986F58334
sha3_384: 24424c6458d34fe1790006c357c99269928b07f5c6975179f2e74eecd32683d625a25929dc64174bccdb72a5fddbb324
ep_bytes: 9ce8d60100000000476469706c757353
timestamp: 2022-06-30 07:43:04

Version Info:

Comments: Update.exe
CompanyName: Update.exe
FileDescription: Update.exe
FileVersion: 1, 0, 0, 1
InternalName: Update.exe
LegalCopyright: 版权所有 (C) 2022 (Chinese: "All rights reserved (C) 2022")
OriginalFilename: Update.exe
ProductName: Update.exe
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0 (language 0x0804 = Chinese (Simplified, PRC), code page 0x04b0 = Unicode)
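Most of the static facts above (the hash set, the "PE32 executable (GUI) Intel 80386" type string, the compile timestamp, the ep_bytes, and the "unknown PE section name", "encrypted or compressed data" and Authenticode lines in the behaviour list) can be reproduced on a suspect file without a sandbox. The script below is an added example, not GridinSoft's or CAPE's code: it fingerprints a file with the same hashes the File Info block lists (ssdeep and tlsh are left out because they need third-party modules), walks the PE headers with struct alone, reports per-section entropy and non-standard section names, reads 16 bytes at the entry point, and checks whether a security directory (an embedded Authenticode signature) is present. It runs against a two-section PE32 constructed inline; the real sample is not embedded, and the `.vmp0` section name is used because VMProtect is known to add sections of that name. Presence of a signature is all it checks: the "signature is invalid" verdict above needs a full verifier such as signtool or osslsigncode.

```python
"""Static triage of a Windows PE: hashes, section entropy, entry-point bytes, signature dir.
Added example; not GridinSoft's or CAPE's code. The sample PE is constructed inline."""
import hashlib
import math
import struct
import zlib
from collections import Counter
from datetime import datetime, timezone

# Section names normally emitted by mainstream linkers; anything else deserves a look.
COMMON_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                   ".edata", ".pdata", ".tls", ".bss", ".CRT"}
MACHINES = {0x14C: "Intel 80386", 0x8664: "x86-64"}
SUBSYSTEMS = {2: "GUI", 3: "console"}
# The sha256 from the File Info block above, used as the match target.
PAGE_IOCS = {"sha256": "7b03adc2a96d8ac3e541d2098bc8fde29058d5e1ea9020b17de55ca47bcfade8"}


def fingerprint(data):
    """The hash set the page lists; ssdeep and tlsh need third-party modules and are omitted."""
    return {"crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
            "md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest(),
            "sha512": hashlib.sha512(data).hexdigest(),
            "sha3_384": hashlib.sha3_384(data).hexdigest()}


def matches_ioc(fp, iocs):
    """Case-insensitive match of any listed hash against a dict of known-bad values."""
    return any(fp[k].lower() == v.lower() for k, v in iocs.items() if k in fp)


def entropy(buf):
    """Shannon entropy in bits per byte; close to 8.0 means compressed or encrypted content."""
    n = len(buf)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def analyze_pe(data):
    """Walk the PE headers with struct only (no pefile) and collect the static indicators."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                 # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic, = struct.unpack_from("<H", data, opt)                 # 0x10B = PE32, 0x20B = PE32+
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    subsystem, = struct.unpack_from("<H", data, opt + 68)
    # Data directories start at +96 (PE32) or +112 (PE32+); entry 4 is the security (Authenticode) directory.
    dd = opt + (96 if magic == 0x10B else 112)
    _, security_size = struct.unpack_from("<II", data, dd + 4 * 8)
    sections, ep_bytes = [], None
    for i in range(nsec):
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        raw = data[rptr:rptr + rsize]
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "entropy": round(entropy(raw), 2)})
        if va <= entry_rva < va + max(vsize, rsize):            # map the entry RVA to a file offset
            off = rptr + (entry_rva - va)
            ep_bytes = data[off:off + 16].hex()
    kind = "PE32" if magic == 0x10B else "PE32+"
    return {"type": f"{kind} executable ({SUBSYSTEMS.get(subsystem, subsystem)}) "
                    f"{MACHINES.get(machine, hex(machine))}, for MS Windows",
            "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
            "ep_bytes": ep_bytes,
            "sections": sections,
            "has_authenticode": security_size > 0}


def indicators(report):
    """Static counterparts of the 'unknown PE section name', 'compressed data' and signature lines."""
    hits = []
    for s in report["sections"]:
        if s["name"] not in COMMON_SECTIONS:
            hits.append(f"unknown section name {s['name']!r} (packer?)")
        if s["entropy"] > 7.0:
            hits.append(f"high entropy {s['entropy']} in {s['name']!r}: compressed or encrypted data")
    if not report["has_authenticode"]:
        hits.append("no Authenticode signature present (validity would need a real verifier)")
    return hits


def build_sample_pe():
    """Constructed two-section PE32 for the demo, not the real sample: a benign .text plus a
    high-entropy '.vmp0' section (a name VMProtect is known to add) holding the entry point."""
    ts = int(datetime(2022, 6, 30, 7, 43, 4, tzinfo=timezone.utc).timestamp())
    text = b"\x90" * 0x200
    vmp = bytes.fromhex("9ce8d60100000000") + bytes(range(256)) * 16  # pushfd; call ..., then filler
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                         # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, ts, 0, 0, 224, 0x102)  # i386, 2 sections, EXE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2000)      # AddressOfEntryPoint -> start of .vmp0
    struct.pack_into("<H", opt, 68, 2)           # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes; security dir stays empty

    def shdr(name, va, rptr, raw):
        return struct.pack("<8sIIIIIIHHI", name, len(raw), va, len(raw), rptr, 0, 0, 0, 0, 0x60000020)

    headers = (dos + b"PE\0\0" + coff + opt
               + shdr(b".text", 0x1000, 0x200, text) + shdr(b".vmp0", 0x2000, 0x400, vmp))
    return bytes(headers).ljust(0x200, b"\0") + text + vmp


if __name__ == "__main__":
    sample = build_sample_pe()            # swap in open(path, "rb").read() for a real file
    report = analyze_pe(sample)
    print(report["type"], "|", report["timestamp"], "| ep_bytes:", report["ep_bytes"])
    print("matches page IOC:", matches_ioc(fingerprint(sample), PAGE_IOCS))
    for hit in indicators(report):
        print(" -", hit)
```

Run it as is to see the report for the constructed sample, or read a real file into `analyze_pe` and `fingerprint`. A high-entropy section with a non-standard name plus an empty security directory is the same combination the behaviour list flags; treat it as a prompt for dynamic analysis rather than proof of malice, since legitimate software is also packed and frequently unsigned.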

Malware.AI.3955157594 also known as:

  • Bkav: W32.AIDetect.malware1
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Strictor.273466
  • FireEye: Generic.mg.4199d0324b36553a
  • McAfee: RDN/Generic Downloader.x
  • Cylance: Unsafe
  • Alibaba: TrojanDownloader:Win32/DrivLoad.77682f1e
  • CrowdStrike: win/malicious_confidence_100% (D)
  • Symantec: ML.Attribute.HighConfidence
  • APEX: Malicious
  • Kaspersky: Trojan-Downloader.Win32.DrivLoad.w
  • BitDefender: Gen:Variant.Strictor.273466
  • Avast: Win32:Malware-gen
  • Tencent: Win32.Trojan-downloader.Drivload.Pbph
  • Ad-Aware: Gen:Variant.Strictor.273466
  • Sophos: Generic ML PUA (PUA)
  • VIPRE: Gen:Variant.Strictor.273466
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
  • Trapmine: malicious.high.ml.score
  • Emsisoft: Gen:Variant.Strictor.273466 (B)
  • GData: Gen:Variant.Strictor.273466
  • Avira: TR/Redcap.bqlkb
  • Microsoft: Trojan:Script/Sabsik.FL.B!ml
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win.Generic.R497908
  • BitDefenderTheta: Gen:NN.ZexaF.34742.qC0@aC4uK@jb
  • ALYac: Gen:Variant.Strictor.273466
  • MAX: malware (ai score=82)
  • VBA32: BScope.Trojan.Snojan
  • Malwarebytes: Malware.AI.3955157594
  • TrendMicro-HouseCall: TROJ_GEN.R06CH09G122
  • Rising: Trojan.Generic@AI.93 (RDML:WykwUg4Q5yZLg6eIVMQHfw)
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.300983.susgen
  • AVG: Win32:Malware-gen
  • Cybereason: malicious.cbaad2

How to remove Malware.AI.3955157594?

Malware.AI.3955157594 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

Because several engines classify this sample as a trojan downloader, also check for anything it may have fetched: the unfamiliar processes mentioned above, and any file whose hash matches the values in the File Info section.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.