Malware.AI.3959384686 (file analysis)

Malware Removal

Malware.AI.3959384686 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3959384686 virus do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX.
  • The Authenticode signature is invalid.
  • Yara rule detections were observed from a process memory dump, dropped files, or CAPE.

How to identify Malware.AI.3959384686?

File Info:

name: 5D998B398D431201293A.mlw
path: /opt/CAPEv2/storage/binaries/9a31db5bc233b3fedeeb7f8fda079d92cb4c42377d763f3cf37c98d452962ebe
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-05-03 08:42:25

Version Info:

0: [No Data]

Malware.AI.3959384686 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Xegumumune.l!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab
Skyhigh: BehavesLike.Win32.Generic.cc
ALYac: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab
Cylance: unsafe
Zillya: Trojan.SchwarzeSonne.Win32.831
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 7000000f1 )
BitDefender: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab
K7GW: Trojan ( 7000000f1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Backdoor.Krad!gm
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/SchwarzeSonne.AO
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.Win32.Xegumumune.gen
Alibaba: Trojan:Win32/Xegumumune.3e6e9b8c
NANO-Antivirus: Trojan.Win32.MlwGen.drhegf
Rising: Backdoor.Insidious!1.C93D (CLOUD)
Sophos: Mal/Behav-010
F-Secure: Trojan.TR/ATRAPS.Gen
DrWeb: DLOADER.Trojan
VIPRE: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab
TrendMicro: TrojanSpy.Win32.SCHWARZESONNE.A
FireEye: Generic.mg.5d998b398d431201
Emsisoft: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.Xegumumune.ga
Webroot: W32.Trojan.Gen
Google: Detected
Avira: TR/ATRAPS.Gen
Antiy-AVL: Trojan/Win32.SGeneric
Kingsoft: malware.kb.b.999
Microsoft: Trojan:Win32/Casdet!rfn
Xcitium: Malware@#1d8m0zt6krkw6
Arcabit: Trojan.Heur3.LPT.kmGfaKoYBxlab
ZoneAlarm: HEUR:Trojan-Spy.Win32.Xegumumune.gen
GData: Gen:Trojan.Heur3.LPT.kmGfaKoYBxlab
McAfee: Artemis!5D998B398D43
MAX: malware (ai score=100)
DeepInstinct: MALICIOUS
VBA32: TScope.Trojan.Delf
Malwarebytes: Malware.AI.3959384686
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TrojanSpy.Win32.SCHWARZESONNE.A
Tencent: Malware.Win32.Gencirc.13c1d6e5
Ikarus: Trojan.Win32.SchwarzeSonne
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/SchwarzeSonne.AP!tr
BitDefenderTheta: AI:Packer.E2479FF421
AVG: Win32:Malware-gen
Cybereason: malicious.8d466f
Avast: Win32:Malware-gen

How to remove Malware.AI.3959384686?

Malware.AI.3959384686 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
