About “Malware.AI.3959570637” infection

The Malware.AI.3959570637 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3959570637 virus can do?

Behavioural detection: Executable code extraction – unpacking
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Malware.AI.3959570637?


File Info:
name: DFBA109F39E150B9A5D3.mlw
path: /opt/CAPEv2/storage/binaries/dad583e2c55635d76bdff4ed8be940be9a6d1a89daec370def209f321f67fd59
crc32: 13B9D4AD
md5: dfba109f39e150b9a5d309c0d4f091e6
sha1: ea0528b3abd2e962960fadd12a2c84830c89ccf5
sha256: dad583e2c55635d76bdff4ed8be940be9a6d1a89daec370def209f321f67fd59
sha512: 6dcef6327082e5a6e5e4633dc73be355cdeef8c4267d01f0a559f3440a3baf10defc80d780e4c1ccb5ba48f6d71355b50f7d087ea3a5ce53bb7336cde97859e9
ssdeep: 6144:qYf1XLNOXzN6zKcBtaRRdXqWOyolXzN6zK3B2ZcquTLoyR:qaNOXzNOtmRdXqPyolXzNhwpuThR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FAC428666A85CD11C4B209385E20A4EC4FD5BDD9FA2D4A07BF7E762EF7B2141383058B
sha3_384: cec938b8dbe4ac42eceaa80b9641b516382522d776cae914164583d0eccae7b10aa05c4d4589fcb3e6a88336a2e4cb05
ep_bytes: 684cd14000e8eeffffff000000000000
timestamp: 2022-07-05 04:44:43

Version Info:
CompanyName: Microsoft
FileDescription: 河北干部网络学院助手
ProductName: 河北干部网络学院助手
FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
InternalName: 河北zf干部网络学院助手
OriginalFilename: 河北zf干部网络学院助手.exe
Translation: 0x0804 0x04b0

Malware.AI.3959570637 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Tedy.4!c
DrWeb	BACKDOOR.Trojan
MicroWorld-eScan	Gen:Variant.Tedy.10803
Skyhigh	BehavesLike.Win32.Infected.hm
McAfee	Artemis!DFBA109F39E1
Malwarebytes	Malware.AI.3959570637
VIPRE	Gen:Variant.Tedy.10803
Sangfor	Trojan.Win32.Agent.Vu4m
BitDefender	Gen:Variant.Tedy.10803
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZevbaF.36792.Im0@aeWHJblb
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Alibaba	Backdoor:Win32/Generic.c038f385
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Dropper.Gen
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.dfba109f39e150b9
Emsisoft	Gen:Variant.Tedy.10803 (B)
Ikarus	Trojan.Dropper
MAX	malware (ai score=84)
Google	Detected
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Tedy.D2A33
GData	Gen:Variant.Tedy.10803
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Tedy.10803
DeepInstinct	MALICIOUS
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H09J923
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.144492253.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Malware-gen
Cybereason	malicious.3abd2e
Avast	Win32:Malware-gen

How to remove Malware.AI.3959570637?

Malware.AI.3959570637 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X