Trojan:Win32/Azorult!pz removal tips

The Trojan:Win32/Azorult!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Azorult!pz virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Trojan:Win32/Azorult!pz?


File Info:
name: DD81B704A85600830D07.mlw
path: /opt/CAPEv2/storage/binaries/43e638078cd409ffe7e90fbf74a4f5ada4144d2f06e0319dc2a411afb530f54d
crc32: EE3C6B68
md5: dd81b704a85600830d07738df6b15d36
sha1: c39599c73fdc697486657cf7e4801e362f218213
sha256: 43e638078cd409ffe7e90fbf74a4f5ada4144d2f06e0319dc2a411afb530f54d
sha512: 89a7d7ca86b3408de37a29bcd68f4e131e9b1d830005076b9843659ed8a513d033c5fa47e449342c13b95e63e859ed2578b724fb7c38aa8654d77b6407f0cd35
ssdeep: 24576:Wu6J33O0c+JY5UZ+XC0kGsoTacbl6u2id:4u0c++OCvkGsEacJ67g
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12B159D22B3DDC360CB669173BF69B3056EBB7C650630B85B2F980D3DA960171162D7A3
sha3_384: 4a7a6091b135068d272ec6b5a902c97ab8153585ca899e3dcc236cab6eaf44a46791ce8c94522bf48100f63838d0bd25
ep_bytes: e8b5d00000e97ffeffffcccccccccccc
timestamp: 2019-05-14 14:55:21

Version Info:
Translation: 0x0809 0x04b0

Trojan:Win32/Azorult!pz also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.68954560
CAT-QuickHeal	Trojan.AutoIT.Injector.A
Skyhigh	BehavesLike.Win32.TrojanAitInject.ch
McAfee	Trojan-AitInject.aq
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Trojan.GenericKD.68954560
Sangfor	Virus.Win32.Save.a
K7AntiVirus	Trojan ( 0055dc781 )
K7GW	Trojan ( 0055dc781 )
CrowdStrike	win/malicious_confidence_100% (D)
Symantec	AUT.Heuristic!gen5
tehtris	Generic.Malware
ESET-NOD32	Win32/Packed.Autoit.NBC suspicious
APEX	Malicious
ClamAV	Win.Trojan.Autoit-10018188-0
Kaspersky	HEUR:Trojan.Win32.AutoIt.gen
BitDefender	Trojan.GenericKD.68954560
Avast	AutoIt:Injector-JF [Trj]
Tencent	Trojan.Win32.Agent.hfw
Emsisoft	Trojan.GenericKD.68954560 (B)
F-Secure	Dropper.DR/AutoIt.Gen8
DrWeb	Trojan.AutoIt.426
TrendMicro	Trojan.AutoIt.CRYPTINJECT.SMA
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.dd81b704a8560083
Sophos	Troj/AutoIt-CLG
SentinelOne	Static AI – Malicious PE
MAX	malware (ai score=81)
GData	Trojan.GenericKD.68954560
Webroot	W32.Malware.gen
Google	Detected
Avira	DR/AutoIt.Gen8
Varist	W32/AutoIt.QF.gen!Eldorado
Antiy-AVL	Trojan[Packed]/Win32.Autoit
Kingsoft	malware.kb.a.999
Arcabit	Trojan.Generic.D41C29C0
ZoneAlarm	HEUR:Trojan.Win32.Convagent.gen
Microsoft	Trojan:Win32/Azorult!pz
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/AutoInj.Exp
Acronis	suspicious
BitDefenderTheta	AI:Packer.39DE3CF819
VBA32	Trojan.Autoit
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	Trojan.AutoIt.CRYPTINJECT.SMA
Rising	PUF.Pack-AutoIt!1.B8E7 (CLASSIC)
Ikarus	Trojan.Win32.Autoit
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	AutoIt/Injector.ESJ!tr
AVG	AutoIt:Injector-JF [Trj]
Cybereason	malicious.73fdc6
DeepInstinct	MALICIOUS

How to remove Trojan:Win32/Azorult!pz?

Trojan:Win32/Azorult!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X