Trojan:Win32/AutoitInject.AME!MTB removal guide

The Trojan:Win32/AutoitInject.AME!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/AutoitInject.AME!MTB virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary file triggered YARA rule
Anomalous binary characteristics

How to determine Trojan:Win32/AutoitInject.AME!MTB?


File Info:
name: D369ECD792BDC45DE97C.mlw
path: /opt/CAPEv2/storage/binaries/c2f29427a30573a1e41f33a62489a798813c447612e2ae2351401fb30475b692
crc32: EFB01BFE
md5: d369ecd792bdc45de97c9936d2a0e49f
sha1: faa940088305ef9a70f886c1982b885498b62f0c
sha256: c2f29427a30573a1e41f33a62489a798813c447612e2ae2351401fb30475b692
sha512: 6531b6d090dd5fd2d86546eaf8e092defd869eff4ea2810ca01cfff779b4aa81cbdd0696e802b0f71e055a7e82cacc9363fa7fc6045cc6ca2c6bdc635cc4ecd9
ssdeep: 24576:Qtb20p+9vwnEIfcYLBoHEjaN4OvDpa0ny52X5l6M:ZNegBEjaNjv1lysHX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14C25D06263DDC360D3B291337A617742BE7B38654AE5F46B2F90093DED20262561EB33
sha3_384: cadd76f9cbc531dc6000ca21e1b00e9c4b14936cd14617a0d3c7b42bfa2e970b8d71694d3898bf99f8037109057bd44c
ep_bytes: e86ace0000e97ffeffffcccc57568b74
timestamp: 2024-02-26 23:20:48

Version Info:
0: [No Data]

Trojan:Win32/AutoitInject.AME!MTB also known as:

Bkav	W32.Common.00833DAB
Lionic	Trojan.Win32.Nymeria.4!c
DrWeb	Trojan.AutoIt.1335
MicroWorld-eScan	AIT:Trojan.Nymeria.5909
FireEye	Generic.mg.d369ecd792bdc45d
Skyhigh	BehavesLike.Win32.BadFile.tc
McAfee	Artemis!D369ECD792BD
Malwarebytes	Malware.AI.2869527598
Sangfor	Virus.Win32.Save.a
Alibaba	Trojan:Win32/AgentTesla.67ff1d77
CrowdStrike	win/malicious_confidence_100% (W)
Elastic	malicious (high confidence)
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R002H01C524
BitDefender	AIT:Trojan.Nymeria.5909
Emsisoft	AIT:Trojan.Nymeria.5909 (B)
VIPRE	AIT:Trojan.Nymeria.5909
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.AgentTesla
Google	Detected
Kingsoft	malware.kb.a.773
Microsoft	Trojan:Win32/AutoitInject.AME!MTB
Arcabit	AIT:Trojan.Nymeria.D1715
GData	AIT:Trojan.Nymeria.5909
Cynet	Malicious (score: 100)
ALYac	AIT:Trojan.Nymeria.5909
MAX	malware (ai score=86)
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:kxco9VocgxU/dw/iRp0hnA)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.234851015.susgen
Cybereason	malicious.792bdc
alibabacloud	Trojan:Win/AgentTesla.Y!MTB

How to remove Trojan:Win32/AutoitInject.AME!MTB?

Trojan:Win32/AutoitInject.AME!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X