autoit-v3.1.0-setup.exe

The application autoit-v3.1.0-setup.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from www.autoitscript.com.

Description:
AutoIt v3 Setup

Version:
3.1.0.0

MD5:
b0fdaba0efd3cd69004586b8783adfdf

SHA-1:
e372c2c7a7d013568fbfdce3faad979c82f3870f

SHA-256:
28f29d7e97d606639941065ba1b77b3eac65fe42fb83b9a3a287f11bb97c44ae

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 3:36:54 PM UTC

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Spyware.27005-1
0.98/21511

Comodo Security
UnclassifiedMalware
24706

Dr.Web
Adware.Maxifiles.35
9.0.1.091

Rising Antivirus
PE:AdWare.Win32.Agent.zpt!1374345 [F]
23.00.65.16329

ViRobot
Adware.Maxifiles.1781570[h]
2014.3.20.0

File size:
1.7 MB (1,781,570 bytes)

Copyright:
(c)1999-2004 Jonathan Bennett & AutoIt Team

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\autoit-v3.1.0-setup.exe

File PE Metadata
Compilation timestamp:
10/23/2004 5:17:55 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:p0kCNQhZdz2VMKMTT5EV7ZiGKsbo+q4dv+f3X05:TeARhTFO7ZLKsbo+Ldv+f3X05

Entry address:
0x3C4B

Entry point:
83, EC, 20, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, C6, 44, 24, 14, 20, FF, 15, 28, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 68, 80, 92, 40, 00, 68, 40, 3B, 42, 00, A3, F0, 43, 42, 00, E8, 8F, 2A, 00, 00, BE, 00, B4, 42, 00, BF, 00, 04, 00, 00, 56, 57, FF, 15, C8, 70, 40, 00, E8, 7A, FF, FF, FF, 8B, 2D, 8C, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, C4, 70, 40, 00, 68, 78, 92, 40, 00, 56, FF, D5, E8, 57, FF, FF, FF, 85, C0, 0F, 84, 47, 01, 00, 00, BE, 00, A0...
 

Entropy:
7.9933  (probably packed)

Code size:
23 KB (23,552 bytes)

The file autoit-v3.1.0-setup.exe has been seen being distributed by the following URL.

Remove autoit-v3.1.0-setup.exe - Powered by Reason Core Security