Should I remove “Trojan.Win32.Autoit.abkum”?

Trojan.Win32.Autoit.abkum is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Autoit.abkum virus do?

  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Transacted Hollowing
  • CAPE detected the DarkComet malware family
  • Interacts with known DarkComet registry keys
  • Deletes executed files from disk
  • Creates known Fynloski/DarkComet mutexes
  • Binary compilation timestomping detected
  • Uses suspicious command line tools or Windows utilities
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.Autoit.abkum?


File Info:

name: 3AE0D8A4957A56732944.mlw
path: /opt/CAPEv2/storage/binaries/90a3d557f33c5ec5ddff9ddc94a39c31e2a3ef142a8bc523ced0b9a22a45272b
crc32: E02DA2EC
md5: 3ae0d8a4957a567329440637e834f7a2
sha1: e35bdc1434801928b15b1524e8b5de5293575f02
sha256: 90a3d557f33c5ec5ddff9ddc94a39c31e2a3ef142a8bc523ced0b9a22a45272b
sha512: d1ff889a452ee9ddfd15ecfdc64ce200f5361950b6f9d80b7d63c6d5229e45c9e63edd9a43483c27aeed85e5d5bae1022ae76313636466ab0084ac49012cdeba
ssdeep: 24576:dy7dOxLFDApSPKk48bhqVXb6hmbcKTxJ24ykXMsZBxfeerhfOluf:47iLFssPH48QVXhXPyk8sZHGerhm
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1208522C5A7D98463C9A7677466BB0B137F36F891AF3192472216E46C2C32B90FC35227
sha3_384: fadc5597670bbc2690f97c2fcbe160f539b5aafa7e4f43b71dde5998d001b6922e1758238e6004b407d66f29e076866b
ep_bytes: e8ae060000e9000000006a5c68d07240
timestamp: 2027-09-18 19:49:23

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Auto-extracteur de fichier CAB Win32
FileVersion: 11.00.15063.0 (WinBuild.160101.0800)
InternalName: Wextract
LegalCopyright: © Microsoft Corporation. Tous droits réservés.
OriginalFilename: WEXTRACT.EXE .MUI
ProductName: Internet Explorer
ProductVersion: 11.00.15063.0
Translation: 0x040c 0x04b0

Trojan.Win32.Autoit.abkum also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Autoit.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Autoruns.GenericKD.41995384
FireEye: Trojan.Autoruns.GenericKD.41995384
Skyhigh: BehavesLike.Win32.Downloader.tc
McAfee: Artemis!3AE0D8A4957A
Cylance: unsafe
Zillya: Trojan.AutoIT.Win32.40755
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0052a64a1 )
Alibaba: Trojan:Win32/Tiggre.a1953f46
K7GW: Trojan ( 0052a64a1 )
Cybereason: malicious.434801
VirIT: Trojan.Win32.AutoIt.JRL
Symantec: Trojan Horse
ESET-NOD32: Win32/Packed.CAB.AX
APEX: Malicious
ClamAV: Win.Malware.Autoit-7004698-0
Kaspersky: Trojan.Win32.Autoit.abkum
BitDefender: Trojan.Autoruns.GenericKD.41995384
NANO-Antivirus: Trojan.Win32.Generic.fnqvlc
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Autoit.Akjl
Sophos: Troj/Inject-CAN
F-Secure: Dropper.DR/Autoit.vhsxx
VIPRE: Trojan.Autoruns.GenericKD.41995384
TrendMicro: TROJ_FRS.0NA103C320
Emsisoft: Trojan.Autoruns.GenericKD.41995384 (B)
Ikarus: Trojan.MSIL.Zyklon
GData: Trojan.Autoruns.GenericKD.41995384
Webroot: W32.Trojan.Gen
Google: Detected
Avira: DR/Autoit.vhsxx
Varist: W32/Ototi.DNJY-3341
Antiy-AVL: Trojan/Win32.Agentb
Kingsoft: malware.kb.a.992
Arcabit: Trojan.Autoruns.Generic.D280CC78
ZoneAlarm: Trojan.Win32.Autoit.abkum
Microsoft: Backdoor:Win32/Fynloski
Cynet: Malicious (score: 100)
ALYac: Trojan.Autoruns.GenericKD.41995384
MAX: malware (ai score=100)
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/CI.A
Zoner: Trojan.Win32.45518
TrendMicro-HouseCall: TROJ_FRS.0NA103C320
Rising: Hack.Win32.SpyWare.aa (CLASSIC)
SentinelOne: Static AI – Suspicious SFX
Fortinet: W32/OTOTI.YAEA!tr
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Autoit.abkum?

Trojan.Win32.Autoit.abkum removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
