How to remove AutoIt3.exe

» File
File Details
Overview
Analysis

AutoIt3.exe

The module AutoIt3.exe has been detected as Ransom.Wacatac

AutoIt3.exe

Remove AutoIt3.exe

File Details

Main Info:

Product Name:	AutoIt v3 Script
Company Name:	AutoIt Team
MD5:	c4e4cd0ed0787bc8537c02dd61284425
Size:	732 KB
First Published:	2017-11-02 12:06:13 (7 years ago)
Latest Published:	2020-12-31 10:27:13 (4 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2020-12-31 10:27:13 (4 years ago)

Overview

Digital Signature

Signed By:	AutoIt Consulting Ltd
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%desktop%\f\new folder\shareit\files

%desktop%\f

%desktop%

%desktop%\f\new folder\shareit

%sysdrive%\$recycle.bin\s-1-5-21-1394096722-959427334-2363267455-1000\$rohoa0f

%sysdrive%\$recycle.bin\s-1-5-21-1394096722-959427334-2363267455-1000\$rohoa0f\

Geography:

100.0%

OS Version:

Windows 7	73.3%
Windows Vista	20.0%
Windows 10	6.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000164e1

PE Sections:

Name	Size of data	MD5
.text	525824	902480d52d8d17dc44d0fe582df89694
.rdata	57344	b19195bd10fd0137d1243bf6477e30cd
.data	26624	b507a11a98d5604998e6f4aea115ac82
.rsrc	101376	2078839cb3fe2930a5b5a2511de85330
.reloc	30208	8c3d02534aa508c46376d7dcfb5d14c8

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for AutoIt3.exe

copyright for information about AutoIt3.exe