Should I remove “Malware.AI.3989704735”?

Malware.AI.3989704735 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3989704735 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Queries information on disks, possibly for anti-virtualization
  • CAPE detected the RedLine malware family
  • Detects VirtualBox through the presence of a device
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Malware.AI.3989704735?

File Info:

name: 40F480638F2E8462929A.mlw
path: /opt/CAPEv2/storage/binaries/4602413ecd189f0a449f0ae14ba743d35a1b179bb6d2dc227dec2dd048611f60
crc32: 0CF8C4C6
md5: 40f480638f2e8462929a662217a64c5b
sha1: e72a9399e1ba8d61f26ba9a6e300e92d8bcd656e
sha256: 4602413ecd189f0a449f0ae14ba743d35a1b179bb6d2dc227dec2dd048611f60
sha512: da9a5d796821f9fc648e2a8b0ccda133f1f276b2c55cc06b5cf158da805b1c6147348fc2e5f8177a96c78d9b178bb1321fd693dcf615f10584d2ae90a689c365
ssdeep: 12288:0N0jKyPslJ8rJ2IPPneu301AIBdvDZdXKZDPp8QdoiRVsT0D8N0R/twg:I7Xv1Vah/do8qYD8NAtwg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D6459EF387D989E6EA500F7032835E1798E01D5FDD9AD3D1E562AC083B485A31A38F5E
sha3_384: 793a5ffa101e38a17143e3693c69e1394ab64bedaf15b39ffb9889ccef15eae2f89f31088b1f1dd45a34a4cd3734250b
ep_bytes: eb0583349d835450eb052ab2adf755e8
timestamp: 2055-12-25 20:54:07

Version Info:

CompanyName: Glarysoft Ltd
FileDescription: Glary Utilities Installer
LegalCopyright: Copyright (c) 2003 - 2021 Glarysoft Ltd
ProductName: Glary Utilities 5
ProductVersion: 5.176.0.204
Translation: 0x0000 0x04e9

Malware.AI.3989704735 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Doina.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Lazy.71726
FireEye: Generic.mg.40f480638f2e8462
ALYac: Gen:Variant.Lazy.71726
Cylance: Unsafe
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanSpy:Win32/Stealer.88f36213
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.9e1ba8
BitDefenderTheta: Gen:NN.ZexaF.34062.lr3@aKicdzii
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Obsidium.CT
TrendMicro-HouseCall: TROJ_FRS.0NA104L721
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Stealer.anhq
BitDefender: Gen:Variant.Lazy.71726
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-spy.Stealer.Pdmi
Ad-Aware: Gen:Variant.Lazy.71726
Emsisoft: Gen:Variant.Lazy.71726 (B)
Comodo: TrojWare.Win32.Agent.btwyr@0
DrWeb: Trojan.PWS.Steam.23121
TrendMicro: TROJ_FRS.0NA104L721
McAfee-GW-Edition: BehavesLike.Win32.Trojan.th
Sophos: Mal/Generic-R
APEX: Malicious
Kingsoft: Win32.Heur.KVMH015.a.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Win32.Trojan-Stealer.CredStealer.IHYY4F
Acronis: suspicious
McAfee: Artemis!40F480638F2E
MAX: malware (ai score=99)
VBA32: TScope.Malware-Cryptor.SB
Malwarebytes: Malware.AI.3989704735
Rising: Trojan.Generic@ML.91 (RDMK:EhAY1JvAKABW5J4WGezMdw)
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_92%
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Malware.AI.3989704735?

Malware.AI.3989704735 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.