Malware.AI.3957177539 removal guide

Malware.AI.3957177539 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3957177539 virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • HTTPS URLs observed in behavior
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the "shellcode get eip" malware family signature
  • Attempts to modify proxy settings
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Malware.AI.3957177539?

File Info:

name: CB2B4CD74C7B57A12BD8.mlw
path: /opt/CAPEv2/storage/binaries/5987a6e42c3412086b7c9067dc25f1aaa659b2b123581899e9df92cb7907a3ed
crc32: B15E862D
md5: cb2b4cd74c7b57a12bd822a168e4e608
sha1: f2182062719f0537071545b77ca75f39c2922bf5
sha256: 5987a6e42c3412086b7c9067dc25f1aaa659b2b123581899e9df92cb7907a3ed
sha512: 7a38be8c1270b1224be4975ad442a964b2523c849f748e5356156cdce39e494c64ca80b0d99c1d989d77f072902de8972e0b113894c9791fb0cabf856dbba348
ssdeep: 12288:vI3h+hoVEZnvy/hF4CMWZrU7S/iAfMIItotPP2rbPCrF7:vu+hIE9BYO7S/iAOtc4be
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F7158F10D261E026EEF700F689BE67AD6518BF30132464C763C4AE6D5B7A9E27D3131B
sha3_384: c3d979e5ba6878d1e07afc49368da6aef7331f8f3e3c41102765913a72b39749f2918911ec9cd73ac9f507cae79940d5
ep_bytes: e8aea50000e989feffffc70198654a00
timestamp: 2020-03-08 09:21:22

Version Info:

OriginalFilename: ComparevalidatorIgamerefreshable.exe
CompanyName: Crawler.com
FileDescription: Weizs Cost Pagers Bootmgr
Languages: English
Comments: Weizs Cost Pagers Bootmgr
LegalCopyright: Copyright © 2000 - 2014 KG and its Licensors Crawler.com
FileVersion: 7.3.98.196
LegalTrademarks: Copyright © 2000 - 2014 KG and its Licensors Crawler.com
ProductName: ComparevalidatorIgamerefreshable
InternalName: ComparevalidatorIgamerefreshable
ProductVersion: 7.3.98.196
Translation: 0x0409 0x04b0

Malware.AI.3957177539 is also known as (vendor: detection name):

Bkav: W32.Common.7A457C4C
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Jaik.39405
FireEye: Gen:Variant.Jaik.39405
Skyhigh: BehavesLike.Win32.Infected.ch
ALYac: Trojan.Agent.Zenpak
Cylance: unsafe
VIPRE: Gen:Variant.Jaik.39405
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 005624751 )
Alibaba: TrojanDownloader:Win32/Zenpak.dbe9d453
K7GW: Trojan ( 005624751 )
VirIT: Trojan.Win32.Kpot.CBT
Symantec: Downloader
ESET-NOD32: Win32/TrojanDownloader.Small.BBX
APEX: Malicious
McAfee: Ransomware-GXG!CB2B4CD74C7B
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Zenpak.wqf
BitDefender: Gen:Variant.Jaik.39405
NANO-Antivirus: Trojan.Win32.Zenpak.hgbccc
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.13af6626
TACHYON: Trojan/W32.Zenpak.919552
Emsisoft: Gen:Variant.Jaik.39405 (B)
F-Secure: Heuristic.HEUR/AGEN.1353492
DrWeb: Trojan.Encoder.31254
Zillya: Trojan.Zenpak.Win32.1922
TrendMicro: Trojan.Win32.DLOADR.TIOIBEHR
Sophos: Troj/Agent-BEAH
GData: Gen:Variant.Jaik.39405
Jiangmin: Trojan.Zenpak.bja
Varist: W32/ABRansom.VZXG-5209
Avira: HEUR/AGEN.1353492
Antiy-AVL: Trojan/Win32.Zenpak
Kingsoft: malware.kb.a.730
Xcitium: Malware@#n3jjo9zfow58
Arcabit: Trojan.Jaik.D99ED
ViRobot: Trojan.Win32.Z.Zenpak.919552
ZoneAlarm: Trojan.Win32.Zenpak.wqf
Microsoft: Ransom:Win32/Gandcrab
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.C4012007
BitDefenderTheta: Gen:NN.ZexaF.36804.4u0@aKvTVKni
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Downloader
Malwarebytes: Malware.AI.3957177539
TrendMicro-HouseCall: Trojan.Win32.DLOADR.TIOIBEHR
Rising: Trojan.Generic@AI.87 (RDMK:CZZAbuvGsObFl6iAPvCwRg)
Yandex: Trojan.Kryptik!LhZE/CJGv0M
Ikarus: Trojan-Ransom.GandCrab
MaxSecure: Trojan.Malware.77480209.susgen
Fortinet: W32/Zenpak.HBWA!tr.ransom
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
alibabacloud: Trojan[downloader]:Win/Zenpak.wqf

How to remove Malware.AI.3957177539?

Malware.AI.3957177539 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.