Trojan:Win32/Autophyte.L!dha removal guide

Trojan:Win32/Autophyte.L!dha is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Autophyte.L!dha virus do?

  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid

How to identify Trojan:Win32/Autophyte.L!dha?


File Info:

name: E48FE20EB1F5A5887F2A.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-03-30 04:26:15

Version Info:

Comments:
CompanyName: Microsoft Corporation
FileDescription: Microsoft(C) Register Server
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
InternalName: REGSVR32
LegalCopyright: Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: REGSVR32.EXE.MUI
PrivateBuild:
ProductName: Microsoft Windows Operating System
ProductVersion: 6.1.7600.16385
SpecialBuild:
Translation: 0x0409 0x04b0

Trojan:Win32/Autophyte.L!dha is also known as:

Lionic: Trojan.Win32.Agent.tpkb
Elastic: malicious (high confidence)
DrWeb: BackDoor.Siggen2.2261
MicroWorld-eScan: Gen:Variant.Jaik.27019
Skyhigh: BehavesLike.Win32.Generic.nm
McAfee: GenericRXEL-TU!E48FE20EB1F5
Cylance: unsafe
Sangfor: Trojan.Win32.NukeSped.AK
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Autophyte.8dbec16c
K7GW: Trojan ( 004f5bbb1 )
K7AntiVirus: Trojan ( 004f5bbb1 )
Arcabit: Trojan.Jaik.D698B
BitDefenderTheta: Gen:NN.ZexaF.36680.fq0@amytmaiO
Symantec: Trojan.Gen.2
ESET-NOD32: Win32/NukeSped.AK
Cynet: Malicious (score: 99)
APEX: Malicious
ClamAV: Win.Trojan.Agent-6375585-0
Kaspersky: Backdoor.Win32.Agent.dpfu
BitDefender: Gen:Variant.Jaik.27019
NANO-Antivirus: Trojan.Win32.Agent.ekrztl
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.115e141b
Emsisoft: Gen:Variant.Jaik.27019 (B)
F-Secure: Trojan.TR/Autophyte.mysfu
VIPRE: Gen:Variant.Jaik.27019
TrendMicro: BKDR_DESTOVER.ADU
Sophos: Troj/DeltaC-C
Ikarus: Trojan.Win32.NukeSped
Jiangmin: Backdoor.Agent.hpz
Webroot: W32.Rat.Fallchill
Varist: W32/Destover.YRKQ-0187
Avira: TR/Autophyte.mysfu
Antiy-AVL: Trojan[APT]/Win32.Lazarus
Kingsoft: malware.kb.a.998
Xcitium: Malware@#2hq830e4yjix4
Microsoft: Trojan:Win32/Autophyte.L!dha
ViRobot: Trojan.Win32.Agent.94208.DY
ZoneAlarm: Backdoor.Win32.Agent.dpfu
GData: Gen:Variant.Jaik.27019
Google: Detected
AhnLab-V3: Win-Trojan/Hwdoor.Gen
VBA32: Backdoor.Agent
ALYac: Backdoor.Destover.A
TACHYON: Backdoor/W32.Agent.94208.GD
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Backdoor.P
TrendMicro-HouseCall: BKDR_DESTOVER.ADU
Rising: Backdoor.[Lazarus]NukeSped!1.DA09 (CLASSIC)
Yandex: Trojan.GenAsa!vwN1idHLCVI
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.YDV!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Autophyte.L!dha?

Trojan:Win32/Autophyte.L!dha removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
