How to remove “Malware.AI.3976798295”?

Malware.AI.3976798295 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3976798295 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Malay (Malaysia)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Malware.AI.3976798295?

File Info:

name: 38846592063EF4AEB07A.mlw
path: /opt/CAPEv2/storage/binaries/e5fae9016bc4996b88fc26e00eb0aa88b080442d7b06d0c82a7571a59d0500a0
crc32: 90318001
md5: 38846592063ef4aeb07a2ffe38a5efa3
sha1: 9406f2ba41829ef711d11c993249343ed8065dcf
sha256: e5fae9016bc4996b88fc26e00eb0aa88b080442d7b06d0c82a7571a59d0500a0
sha512: cafb93a72680a5c24d6d66af1fde3efc54a3c545a644ddbe8bd3c49bbd9a23c62b8e799192836f96d038c9c054a61a4d1a526c914ff00bb91f7dea2d6a3da6ca
ssdeep: 6144:SgAOAMrRxG8CWjaqvGs9297bqzrLOHBPHY0Sys:ZmMdxGYjaq79Y7bqzOHpHY9R
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T148747C13AB979DE1E52A51B05454DFA010A7B533523F40ABBFBC0A8E8BE42C04DE765F
sha3_384: 15490948a67cc74a5a43ad8643683a8743c53f11527e7fe8b9e81af8ff7b4ffd5793cd33745a222bfdeacefd4425f1ce
ep_bytes: e839750000e978feffffcccccccccccc
timestamp: 2015-06-01 17:42:16

Version Info:

CompanyName: TrueCrypt Foundation
FileDescription: TrueCrypt
FileVersion: 7.1a
LegalTrademarks: TrueCrypt
OriginalFilename: TrueCrypt.exe
ProductName: TrueCrypt
ProductVersion: 7.1a
Translation: 0x0409 0x04b0

Malware.AI.3976798295 also known as (vendor: detection name):

Bkav: W32.FamVT.RazyNHmC.Trojan
tehtris: Generic.Malware
DrWeb: Trojan.PWS.Panda.8087
MicroWorld-eScan: Trojan.EmotetU.Gen.um1@je24lXkO
FireEye: Generic.mg.38846592063ef4ae
CAT-QuickHeal: Worm.Dorkbot.I4
ALYac: Trojan.EmotetU.Gen.um1@je24lXkO
Cylance: Unsafe
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 004ce5441 )
K7GW: Trojan ( 0056f2361 )
Cybereason: malicious.2063ef
BitDefenderTheta: Gen:NN.ZexaF.34712.um1@ae24lXkO
VirIT: Trojan.Win32.Crypt4.ANPG
Cyren: W32/Agent.XL.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.DKGO
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Zenpak.gen
BitDefender: Trojan.EmotetU.Gen.um1@je24lXkO
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
Avast: Win32:Emotet-AS [Trj]
Tencent: Malware.Win32.Gencirc.114cc4ce
Ad-Aware: Trojan.EmotetU.Gen.um1@je24lXkO
Sophos: ML/PE-A + Mal/Wonton-BB
Zillya: Trojan.Zbot.Win32.180584
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.EmotetU.Gen.um1@je24lXkO (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.EmotetU.Gen.um1@je24lXkO
Jiangmin: Trojan/Generic.bgstm
Avira: HEUR/AGEN.1223956
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.MDA.R142341
McAfee: Trojan-FGPA!38846592063E
MAX: malware (ai score=80)
VBA32: BScope.Backdoor.Androm
Malwarebytes: Malware.AI.3976798295
Rising: Trojan.Generic@AI.86 (RDML:Prd5xpBd4u1Ja10YFpynHQ)
Yandex: TrojanSpy.Zbot!g52VTHkCtLg
Ikarus: Win32.Outbreak
Fortinet: W32/Kryptik.DTSF!tr
AVG: Win32:Emotet-AS [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.3976798295?

Malware.AI.3976798295 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.