Trojan:Win32/Autophyte.F!dha removal

Trojan:Win32/Autophyte.F!dha is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Autophyte.F!dha virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Binary file triggered YARA rule

How to determine Trojan:Win32/Autophyte.F!dha?


File Info:

name: B778D887A3649FBA57A8.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-05-02 02:07:43

Version Info:

0: [No Data]

Trojan:Win32/Autophyte.F!dha also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Manuscrypt.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.120372
FireEye: Generic.mg.b778d887a3649fba
Skyhigh: BehavesLike.Win32.Generic.bc
McAfee: Artemis!B778D887A364
Cylance: unsafe
Zillya: Trojan.NukeSped.Win32.133
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Manuscrypt.556b7265
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.36802.VCW@a4JZiPei
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: Win32/NukeSped.CN
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Manuscrypt.e
BitDefender: Gen:Variant.Fragtor.120372
NANO-Antivirus: Trojan.Win32.Manuscrypt.eqrfkt
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Manuscrypt.Dzlw
TACHYON: Trojan/W32.Agent.784896.BS
Sophos: Mal/Generic-R
F-Secure: Trojan.TR/Agent.vneat
VIPRE: Gen:Variant.Fragtor.120372
TrendMicro: TROJ_FRS.0NA103E820
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Fragtor.120372 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Manuscrypt.i
Google: Detected
Avira: TR/Agent.vneat
Antiy-AVL: Trojan/Win32.Lazarus
Kingsoft: malware.kb.b.996
Microsoft: Trojan:Win32/Autophyte.F!dha
Arcabit: Trojan.Fragtor.D1D634
ViRobot: Trojan.Win32.S.Agent.784896.AK
ZoneAlarm: Trojan.Win32.Manuscrypt.e
GData: Gen:Variant.Fragtor.120372
Varist: W32/Agent.JPIA-8624
AhnLab-V3: Trojan/Win32.Agent.C1978480
VBA32: BScope.Trojan.Manuscrypt
ALYac: Trojan.Agent.Manuscrypt.A
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.3727828367
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_FRS.0NA103E820
Rising: Trojan.Generic@AI.92 (RDML:yYzDYD8QXe7a6BmvkJWBYA)
Yandex: Trojan.Manuscrypt!ynGgkrtNSco
Ikarus: Trojan.Win32.Manuscrypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Manuscrypt.E!tr
AVG: Win32:Malware-gen
Cybereason: malicious.7a3649
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/NukeSped.CN

How to remove Trojan:Win32/Autophyte.F!dha?

Trojan:Win32/Autophyte.F!dha removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
