What is “Malware.AI.3974795524”?

The Malware.AI.3974795524 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.3974795524 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Malware.AI.3974795524?


File Info:
name: D271314365F1678D1E6A.mlw
path: /opt/CAPEv2/storage/binaries/97cc75c2009c48acc730a909cc5d97729322f874993f3f9bf549567305f92d0f
crc32: 661338A9
md5: d271314365f1678d1e6a985dda4b0cbf
sha1: 623a478d0acf71b595c0be6d0b5c59c8c244b776
sha256: 97cc75c2009c48acc730a909cc5d97729322f874993f3f9bf549567305f92d0f
sha512: 05829d3017b2008987dd6d9d0a160f92758c87b299eb74cea795dddd3b92b4a6d472803870ef51b01be51618a2637444253e16657ee39e7d6d7615b1f2fcc965
ssdeep: 192:Hx2twI6kMoSl2fXDt7+z2v0HC8NQltuMumaEFGnKMsj+zc243RhukaCzmB:R2tnvW2/Dt7+G0iXtu8aHzsj+zc2gKR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14C72918267FC4412E1F73FB45DB517218A7AFC98A93AC79D06A5110F4A60F01AEB1B37
sha3_384: 5f410ca59a06f728501e02295f61b7d252768799f4bc968f12bf2a6f007bea71d92eb728ef97124ad6755dad78c44158
ep_bytes: 602072a040008dbe0070ffff5783cdff
timestamp: 2016-04-25 15:22:36

Version Info:
0: [No Data]

Malware.AI.3974795524 also known as:

Bkav	W32.AIDetect.malware1
FireEye	Generic.mg.d271314365f1678d
McAfee	GenericRXAA-FA!D271314365F1
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004bcce41 )
K7GW	Trojan ( 004bcce41 )
Cybereason	malicious.d0acf7
BitDefenderTheta	Gen:NN.ZexaF.34742.bmW@ailmr9li
Elastic	malicious (moderate confidence)
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
Avast	Win32:Malware-gen
Sophos	Generic ML PUA (PUA)
Comodo	Packed.Win32.MUPX.Gen@24tbus
Trapmine	suspicious.low.ml.score
APEX	Malicious
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Nitol.R197174
Malwarebytes	Malware.AI.3974795524
Rising	Trojan.Tiggre!8.ED98 (TFE:dGZlOgT10IeGLn9IoQ)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/PossibleThreat
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Malware.AI.3974795524?

Malware.AI.3974795524 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X