How to remove autoit3_x64.exe

autoit3_x64.exe

The module autoit3_x64.exe has been detected as Trojan.CoinMiner

autoit3_x64.exe
Remove autoit3_x64.exe

File Details

Product Name:

AutoIt v3 Script
Company Name:

AutoIt Team
MD5: de43b312c11513b6975b9940d06d303b
Size: 1 MB
First Published: 2017-12-23 14:06:54 (7 years ago)
Latest Published: 2023-05-04 23:12:36 (2 years ago)
Status: Trojan.CoinMiner (on last analysis)
Analysis Date: 2023-05-04 23:12:36 (2 years ago)

Overview

Signed By: AutoIt Consulting Ltd
Status: Valid

Common Places:

%sysdrive%\newcpuspeed\newcpuspeedcheck\workers
%sysdrive%\newcpuspeed\workers
%sysdrive%\newcpuspeedcheck\newcpuspeedcheck\workers
%sysdrive%\newcpuspeedcheck\workers
%programfiles%
%sysdrive%\notifications\newcpuspeedcheck\workers
%sysdrive%\dcim\newcpuspeedcheck\workers
%sysdrive%\.cocodata\newcpuspeedcheck\workers
%sysdrive%\musica\newcpuspeedcheck\workers
%sysdrive%\.androidck\newcpuspeedcheck\workers

File Names:

cpuchecker.exe
autoit3_x64.exe
AutoIt3.exe
AU3381.exe
AutoIt3_x64.exe

Geography:

59.9%
11.1%
4.3%
4.3%
1.9%
1.9%
1.9%
1.9%
1.5%
1.5%
1.2%
1.2%
1.2%
1.2%
0.9%
0.6%
0.6%
0.6%
0.6%
0.6%
0.3%
0.3%
0.3%

OS Version:

Windows 10 43.3%
Windows 7 34.7%
Windows 8.1 19.9%
Windows Embedded 8.1 1.2%
Windows XP 0.6%
Windows Vista 0.3%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x0002fe64

PE Sections:

Name Size of data MD5
.text 692736 c83c688ee0d637f898ed87391bbdf5dc
.rdata 195584 f8378ea08dde71401c6a47874a977f72
.data 24064 0854738a2fd15c1f4a6d5c121979b421
.pdata 27136 18bdefe792584ce898b031515ffff6b4
.rsrc 108544 0ad0bf19bad81bc774c0031e03e0702f
.reloc 3072 a09769711fc058127866bcb206d75d0f

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for autoit3_x64.exe
copyright for information about autoit3_x64.exe