Categories: Malware

Should I remove “Malware.AI.3973320766”?

Malware.AI.3973320766 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3973320766 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
frock.encours.ru
ec2-176-34-154-135.eu-west-1.compute.amazonaws.com
www.bing.com

How to identify Malware.AI.3973320766?

File Info:

crc32: E3D01402
md5: b6239a88f18077fa6d82d51f9c1fd932
name: B6239A88F18077FA6D82D51F9C1FD932.mlw
sha1: 6d5807f9fc003dc81cd37e7c37bb422a31f7adc9
sha256: 2121ca18f51af85d1a1af80a7b0a1019ba54a625051b6f1f6cc5ce39aa9b898b
sha512: a7037474c5d8fb1fbe5a04975c661a548a5dd50a56f151e751e14560f13ae97076fd68118ce5b94945a6be44d1afdf1d0a1955fc520330d3e9ca2628c71ccb16
ssdeep: 98304:kSoJI8rrKqB89Lbb5sg9Fm0Ewb9GnW3R7klbrKsbSoJI8rrKqB89Lbb5sg9BI:3iO9Lbb5sJ0EwrklbrKs2iO9Lbb5sn
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Malware.AI.3973320766 also known as:

Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
DrWeb Trojan.DownLoad4.9362
Cylance Unsafe
CrowdStrike win/malicious_confidence_60% (D)
K7GW Trojan-Downloader ( 00526b0b1 )
K7AntiVirus Trojan-Downloader ( 00526b0b1 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.Tovkater.IK
APEX Malicious
Avast Win32:Malware-gen
Cynet Malicious (score: 99)
Kaspersky not-a-virus:AdWare.Win32.TOVus.anft
Tencent Win32.Adware.Tovus.Pdlr
Sophos Mal/Generic-S
BitDefenderTheta Gen:NN.ZexaF.34294.@NY@aavOL4gi
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Dropper.tm
FireEye Generic.mg.b6239a88f18077fa
SentinelOne Static AI – Suspicious PE
Jiangmin TrojanDownloader.Generic.azjv
Avira TR/Crypt.XPACK.Gen7
Antiy-AVL Trojan/Generic.ASMalwS.254701C
Microsoft TrojanSpy:Win32/Occamy.C
McAfee Packed-FBE!B6239A88F180
MAX malware (ai score=99)
VBA32 Trojan.InstallMonster
Malwarebytes Malware.AI.3973320766
Panda Trj/CI.A
Yandex Trojan.GenAsa!rfGTrROH7g8
Ikarus Trojan-Downloader.Win32.Tovkater
Fortinet W32/Tovkater.IK!tr
AVG Win32:Malware-gen
Paloalto generic.ml

How to remove Malware.AI.3973320766?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
