TROJ_HPUTOTI
Windows
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This is the Trend Micro detection based on well-established characteristics inherent to AutoIT compiled executable files.
It is capable of process hollowing, that is, injecting malicious code into legitimate processes. It also checks for anti-virtualization tools. However, it does not exhibit any routine once these tools are found on the system. In addition, it creates autorun registry entries and drops a copy of itself in the %Startup% folder as its persistence mechanism.
If your Trend Micro product detects a file under this detection name, do not execute the file. Delete it immediately, especially if it came from an untrusted or unknown source (e.g., a Web site of doubtful nature). However, if you have reason to believe that the detected file is non-malicious, you can submit a sample for analysis. Detailed analysis will be done on submitted samples, and corresponding removal instructions will be provided, if necessary.
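The persistence described above can be triaged by checking whether the files referenced from the Startup folder and from autorun registry values are AutoIt-compiled executables. The following is an added example, not Trend Micro's detection logic; the `AU3!EA06` marker check, the choice of the `Run` key and all function names are assumptions of this example, since the page names no specific key or file.

```python
import os
from pathlib import Path

# Marker embedded by the AutoIt3 compiler (a miss means "unknown", not "clean").
AUTOIT_MARKER = b"AU3!EA06"
RUN_SUBKEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

def is_autoit_compiled(path):
    """True if the file has an MZ header and contains the AutoIt script marker."""
    try:
        data = Path(path).read_bytes()
    except OSError:
        return False
    return data[:2] == b"MZ" and AUTOIT_MARKER in data

def scan_startup_folder(folder):
    """Return files in a Startup folder that look like AutoIt-compiled executables."""
    folder = Path(folder)
    if not folder.is_dir():
        return []
    return sorted(str(p) for p in folder.iterdir() if is_autoit_compiled(p))

def command_to_path(command):
    """Extract the executable path from an autorun command line (quoted or bare)."""
    command = os.path.expandvars(command.strip())
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    parts = command.split(" ")
    for i in range(1, len(parts) + 1):  # unquoted paths may contain spaces
        candidate = " ".join(parts[:i])
        if os.path.isfile(candidate):
            return candidate
    return parts[0]

def scan_run_keys():
    """Windows only. The Run key is an assumed location; the page names no key."""
    import winreg
    hits = []
    for hive in (winreg.HKEY_CURRENT_USER, winreg.HKEY_LOCAL_MACHINE):
        try:
            key = winreg.OpenKey(hive, RUN_SUBKEY)
        except OSError:
            continue
        with key:
            for i in range(winreg.QueryInfoKey(key)[1]):
                name, value, _ = winreg.EnumValue(key, i)
                target = command_to_path(str(value))
                if is_autoit_compiled(target):
                    hits.append((name, target))
    return hits
```

On a Windows host, pass the user's Startup folder to `scan_startup_folder` and call `scan_run_keys()`. Legitimate tools are also built with AutoIt, so a hit is an item to review, not a verdict.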
SOLUTION
9.800
NOTES:
Submitting Samples
If you identified suspicious files, you may submit them to us. Sample files for submission must be in ZIP format and should be password-protected. To submit a ZIP file, file compression software such as Winzip must be used. A trial version of Winzip is available here.
To compress a file, please follow the steps below:
- Right-click on the file and select Add to Zip.
- Enter a file name for the zip file.
- On the Options menu, choose Encrypt. In the input box, type virus. This serves as the password for the zip file.
- Send the sample through the following channels:
• For Trend Micro Premium customers, please submit a virus support case by clicking here:
https://psc.trendmicro.com/eservice_enu/start.swe?SWECmd=Start&SWEHo=psc.trendmicro.com
• For Trend Micro non-Premium customers, please contact your local support network by visiting your Trend Micro regional website.
• For non-Trend Micro customers, scan your system with HouseCall, our highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plug-ins, and other malware.