Trojan-Downloader.Win32.AutoIt.qdt removal tips

Trojan-Downloader.Win32.AutoIt.qdt is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.AutoIt.qdt virus do?

  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • Authenticode signature is invalid
  • A scripting utility was executed
  • A script or command line contains a long continuous string indicative of obfuscation
  • Attempts to execute suspicious powershell command arguments
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan-Downloader.Win32.AutoIt.qdt?


File Info:

name: 31599A8328E1E425DCE2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-09-21 19:25:09

Version Info:

Translation: 0x0809 0x04b0

Trojan-Downloader.Win32.AutoIt.qdt also known as:

Lionic: Trojan.Win32.AutoIt.a!c
MicroWorld-eScan: Trojan.GenericKD.12402119
FireEye: Trojan.GenericKD.12402119
Skyhigh: BehavesLike.Win32.TrojanAitInject.ch
McAfee: Artemis!31599A8328E1
Cylance: unsafe
Sangfor: Downloader.Win32.Skeeyah.V7g9
K7AntiVirus: Trojan-Downloader ( 005175481 )
Alibaba: TrojanDownloader:Win32/Skeeyah.b070117c
K7GW: Trojan-Downloader ( 005175481 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: AI:Packer.51ACDD8A16
Symantec: Trojan Horse
Elastic: malicious (moderate confidence)
ESET-NOD32: multiple detections
APEX: Malicious
Kaspersky: Trojan-Downloader.Win32.AutoIt.qdt
BitDefender: Trojan.GenericKD.12402119
NANO-Antivirus: Trojan.Win32.AutoIt.esyhlb
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan-Downloader.Autoit.Ocnw
Emsisoft: Trojan.GenericKD.12402119 (B)
F-Secure: Heuristic.HEUR/AGEN.1319356
VIPRE: Trojan.GenericKD.12402119
TrendMicro: TROJ_GEN.R002C0DBG24
Sophos: Mal/Generic-S
Ikarus: Trojan.Inject
GData: Trojan.GenericKD.12402119
Webroot: W32.Trojan.GenKD
Google: Detected
Avira: HEUR/AGEN.1319356
Varist: W32/Autoit.RFJR-7084
Kingsoft: Win32.Troj.Unknown.a
Xcitium: Malware@#6e6ni7ykv3xr
Arcabit: Trojan.Generic.DBD3DC7
ViRobot: Trojan.Win32.Z.Autoit.886272
ZoneAlarm: Trojan-Downloader.Win32.AutoIt.qdt
Microsoft: Trojan:Win32/Skeeyah.A!bit
AhnLab-V3: Downloader/Win32.AutoIt.C2160270
VBA32: TrojanDownloader.AutoIt
ALYac: Trojan.GenericKD.12402119
MAX: malware (ai score=100)
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DBG24
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1728101.susgen
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS

How to remove Trojan-Downloader.Win32.AutoIt.qdt?

Trojan-Downloader.Win32.AutoIt.qdt removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
