About “Win64/Autorun.E” infection

Win64/Autorun.E is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win64/Autorun.E virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

How to identify Win64/Autorun.E?

File Info:

name: D1721B03A2AEE9CC35ED.mlw
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2021-12-06 05:01:12

Version Info:

0: [No Data]

Win64/Autorun.E also known as:

Cylance: Unsafe
Cyren: W64/Autorun.EO.gen!Eldorado
ESET-NOD32: a variant of Win64/Autorun.E
Paloalto: generic.ml
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis!Trojan
GData: Win64.Worm.Hunatcha.A
Antiy-AVL: Trojan/Generic.ASCommon.1C4
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win64.Generic.C4298006
McAfee: Artemis!D1721B03A2AE
Rising: Worm.Agent!1.B455 (CLASSIC)
Ikarus: Worm.Win64.Autorun
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat

How to remove Win64/Autorun.E?

Win64/Autorun.E removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
