About “Malware.AI.3996966883” infection

Malware.AI.3996966883 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.3996966883 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Malware.AI.3996966883?


File Info:

name: D370990E169D40ED8CDF.mlw
path: /opt/CAPEv2/storage/binaries/bc646776f306cdfd4b756e114333d2ea9cc8394ac59a579b00ea91e0784bd49f
crc32: 313DFEC5
md5: d370990e169d40ed8cdfd8536f0357d0
sha1: 701d28a0361c7b04a30e10c3d9c815d6320bd3e9
sha256: bc646776f306cdfd4b756e114333d2ea9cc8394ac59a579b00ea91e0784bd49f
sha512: 19efd80bdc4c5f1b607c54399c049c75bfda8203d26cef0ed33ae79966b08c7257dbdd164dd913743eb531f5e45bba68de5879d6d9c55d84353588f919db31e5
ssdeep: 96:/IrohmOGKMOgOoADNKHLi0WT/L2FBk7dwnB90qSznnr0OVYCgjrYljgqOeLtBpfB:/Ir4IjOCaaTNi9nr0SYdRqOeLJfV/Nh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18F12F725A7ECD63ADFFB0A7B9CB355400276EB01D836DB1E4CC991098E777000AA2B75
sha3_384: b466977fef98a35ebc23cc211ef370de38340b2d97af23900448e23fc64670f24ca077c42961e6af301a536b47159779
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-04-30 22:15:49

Version Info:

Translation: 0x0000 0x04b0
Comments: fm Builder
CompanyName: fm Builder
FileDescription: fm Builder
FileVersion: 2.1
InternalName: fmBuilder.exe
LegalCopyright: Copyright © 2018
LegalTrademarks: fm Builder
OriginalFilename: fmBuilder.exe
ProductName: fm Builder
ProductVersion: 2.1
Assembly Version: 2.1.0.0

Malware.AI.3996966883 also known as:

Lionic: Trojan.Win32.Generic.4!c
Cylance: Unsafe
Zillya: Trojan.ClipBanker.Win32.11300
K7AntiVirus: Trojan ( 00531a2a1 )
Alibaba: Trojan:MSIL/ClipBanker.7c551780
K7GW: Trojan ( 00531a2a1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/ClipBanker.FO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.ClipBanker.fdhbaw
Avast: Win32:Malware-gen
Sophos: Mal/Generic-S + Troj/Miner-MD
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PGM21
McAfee-GW-Edition: GenericRXGG-KX!D370990E169D
Ikarus: Trojan.SuspectCRC
Jiangmin: Trojan.Generic.ccorc
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: GenericRXGG-KX!D370990E169D
MAX: malware (ai score=94)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.3996966883
TrendMicro-HouseCall: TROJ_GEN.R002C0PGM21
Tencent: Win32.Trojan.Generic.Wqcm
Yandex: Trojan.Agent!B57NXELqrcA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Generic.AP.14AC44B!tr
BitDefenderTheta: Gen:NN.ZemsilF.34294.am0@aypeqem
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A

How to remove Malware.AI.3996966883?

Malware.AI.3996966883 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
