
Should I remove “Generic.PySpy.A.15540776”?


Generic.PySpy.A.15540776 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.PySpy.A.15540776 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Anomalous file deletion behavior detected (10+)
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • CAPE detected the PyInstaller malware family

How to identify Generic.PySpy.A.15540776?


File Info:

name: 2E86A43990071E8D9B3A.mlw
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2021-08-01 04:39:37

Version Info:

0: [No Data]

Generic.PySpy.A.15540776 also known as:

MicroWorld-eScan: Generic.PySpy.A.15540776
ALYac: Generic.PySpy.A.15540776
Cyren: PYC/Disgrab.B.gen!Camelot
ESET-NOD32: Python/PSW.Agent.BP
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.Python.Nuker.gen
BitDefender: Generic.PySpy.A.15540776
Avast: Python:PWStealer-A [Spy]
Ad-Aware: Generic.PySpy.A.15540776
DrWeb: Python.Stealer.194
McAfee-GW-Edition: BehavesLike.Win64.Generic.vc
FireEye: Generic.PySpy.A.15540776
Emsisoft: Generic.PySpy.A.15540776 (B)
SentinelOne: Static AI – Suspicious PE
GData: Generic.PySpy.A.15540776
Arcabit: Generic.PySpy.A.DED2228
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
McAfee: Python/PWS.v
MAX: malware (ai score=84)
Fortinet: Python/Agent.BP!tr
AVG: Python:PWStealer-A [Spy]

How to remove Generic.PySpy.A.15540776?

Generic.PySpy.A.15540776 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
