Backdoor.Python.Agent removal instructions

Many security experts consider Backdoor.Python.Agent dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Python.Agent virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Backdoor.Python.Agent?


File Info:

name: B42873670C955253EA61.mlw
path: /opt/CAPEv2/storage/binaries/45e9f0d4770483021e018df5680046ae4086911be4767ddd9da586b132198d0e
crc32: 5C318904
md5: b42873670c955253ea6173e5f61c60ff
sha1: 3cb301cb4ae97d6c8a56b200683047a4a6a4606f
sha256: 45e9f0d4770483021e018df5680046ae4086911be4767ddd9da586b132198d0e
sha512: 4be34342c7a29d3a3be681ade1c98e19065abbb19093922eaae1a85c276b5aba4e7a98888bff57b1c984a42cbe40510a5642f36c0fca1c87234189a38c5616b6
ssdeep: 49152:82dTQnez1YnsfFetFqVe+UShuIjlcmcp24eDlkBUouU:8xehYn8FeLqZQIjtcp24eDmqoP
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1B8A523213C828031D2F6043A09F6C6797A7FBC750F2696AF936833754E715F2A13A766
sha3_384: e7615bbdaf8e7acec9fd6d7b51e55c9d6d999b60ab89b8b28f08d54927da0fa52aa19cac3d69bb6ac4d76f7e9eaa12c0
ep_bytes: e822050000e987feffffcccccccccccc
timestamp: 2021-01-13 09:46:18

Version Info:

0: [No Data]

Backdoor.Python.Agent also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Python.Agent.m!c
Cylance: Unsafe
Sangfor: Backdoor.Python.Agent.gen
K7AntiVirus: Trojan ( 00556f901 )
Alibaba: Backdoor:Win32/KeyLogger.ff3c2fb3
Cybereason: malicious.b4ae97
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Python/Spy.KeyLogger.DB
TrendMicro-HouseCall: TROJ_GEN.R002H0DAA22
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Backdoor.Python.Agent.gen
Tencent: Win32.Backdoor.Agent.Pcse
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vc
Sophos: Mal/Generic-S
Avira: TR/Spy.KeyLogger.pigtp
Antiy-AVL: Trojan/Generic.ASMalwS.3124987
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!B42873670C95
APEX: Malicious
SentinelOne: Static AI – Malicious PE
Fortinet: W32/KeyLogger.DB!tr.spy
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor.Python.Agent?

Backdoor.Python.Agent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
