Malware.AI.3955412164 removal guide

Malware.AI.3955412164 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3955412164 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Hebrew
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3955412164?


File Info:

name: 57BFA0C7FA2394D10691.mlw
path: /opt/CAPEv2/storage/binaries/9896bd3b61f7cb3a77bc163e8dc223544638f875e85cac471f0301cf02d70b5a
crc32: D838FF54
md5: 57bfa0c7fa2394d106915af7c9a4a0a7
sha1: a07d41a3bf1fc981aa924cc473c1a1f8f85e16ff
sha256: 9896bd3b61f7cb3a77bc163e8dc223544638f875e85cac471f0301cf02d70b5a
sha512: 48d351ff6f5b75993fa7b6043b1bbba124edaab05e7165005247db7912f624a48ef7cdaa1c84214fde59d772f17e0402cc767fc439474848acb03b7297744778
ssdeep: 1536:pbcLk0IMVvBfKwN3IkCazDJeYfK7fabRaREgObiB:ZcLkSVdKkIkCk4Y+RGK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BE53C0C3DA2CA141F2414E3591EF8717AE31B5051B448BFB21AE891E6C927F1BF6514E
sha3_384: b0d6fb00d72fdc880f43ee902cc1b263e55f3274ff24f41a1242e968783600f5b6b27d32b4e48a6891cfd2422b78a295
ep_bytes: 60be000041008dbe0010ffff5783cdff
timestamp: 2016-06-28 20:54:40

Version Info:

CompanyName: NirSoft
FileDescription: IE Passwords Viewer
FileVersion: 1.35
InternalName: iepv
LegalCopyright: Copyright © 2006 - 2016 Nir Sofer
OriginalFilename: iepv.exe
ProductName: IE Pass View
ProductVersion: 1.35
Translation: 0x0409 0x04b0

Malware.AI.3955412164 also known as:

Bkav: W32.Common.49AF79FE
Lionic: Riskware.Win32.PassView.1!c
Cynet: Malicious (score: 99)
FireEye: Application.Generic.3385136
Skyhigh: HTool-PassView
McAfee: HTool-PassView
Cylance: unsafe
Zillya: Tool.PassViewer.Win32.72
CrowdStrike: win/grayware_confidence_90% (D)
K7GW: Unwanted-Program ( 004d38111 )
K7AntiVirus: Unwanted-Program ( 004d38111 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/PSWTool.IEPassView.NAE potentially unsafe
Kaspersky: not-a-virus:PSWTool.Win32.NetPass.wia
BitDefender: Application.Generic.3385136
MicroWorld-eScan: Application.Generic.3385136
Avast: Win32:PSWtool-H [PUP]
Sophos: NirSoft IE Pass View (PUA)
F-Secure: PrivacyRisk.SPR/PSW.Gen
DrWeb: Tool.PassView.1798
VIPRE: Application.Generic.3385136
TrendMicro: HKTL_PASSVIEW
Emsisoft: Application.Generic.3385136 (B)
Jiangmin: PSWTool.IEPassView.da
Webroot: W32.Passviewer
Varist: W32/ABTrojan.RTUH-2025
Avira: SPR/PSW.Gen
Antiy-AVL: Trojan/Win32.TSGeneric
Xcitium: ApplicUnwnt@#r2dvxfdtifm6
Arcabit: Application.Generic.D33A730
ZoneAlarm: not-a-virus:PSWTool.Win32.NetPass.wia
GData: Application.Generic.3385136
Google: Detected
AhnLab-V3: PUP/Win32.PassView.C1553650
ALYac: Application.Generic.3385136
MAX: malware (ai score=99)
Malwarebytes: Malware.AI.3955412164
TrendMicro-HouseCall: HKTL_PASSVIEW
Rising: HackTool.IEPassView!1.68FF (CLOUD)
Yandex: Riskware.PSWTool!FLPBRpnp17E
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.9641314.susgen
Fortinet: Riskware/PassViewer
AVG: Win32:PSWtool-H [PUP]
DeepInstinct: MALICIOUS

How to remove Malware.AI.3955412164?

Malware.AI.3955412164 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.