Python/PSW.Agent.ABC removal instructions

Python/PSW.Agent.ABC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Python/PSW.Agent.ABC virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Python/PSW.Agent.ABC?


File Info:

name: D615DCD3BC7A114F7A4A.mlw
path: /opt/CAPEv2/storage/binaries/e599e1bb5e75ac1a9c4632048c7d981382b60c14aeb578cc1c47a1c9429f4e4f
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2022-10-23 21:30:29

Version Info:

0: [No Data]

Python/PSW.Agent.ABC also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.63083103
FireEye: Trojan.GenericKD.63083103
ALYac: Trojan.GenericKD.63083103
Cylance: Unsafe
VIPRE: Trojan.GenericKD.63083103
Sangfor: Infostealer.Win32.Agent.Vj0o
Alibaba: TrojanPSW:Application/Generic.e5b09117
ESET-NOD32: Python/PSW.Agent.ABC
Cynet: Malicious (score: 100)
BitDefender: Trojan.GenericKD.63083103
Avast: Multi:Agent-FT [Trj]
Tencent: Win32.Trojan.Psw.Rsmw
Ad-Aware: Trojan.GenericKD.63083103
Emsisoft: Trojan.GenericKD.63083103 (B)
McAfee-GW-Edition: BehavesLike.Win64.Generic.tc
Sophos: Mal/Generic-S
GData: Trojan.GenericKD.63083103
Avira: TR/PSW.Agent.kuear
MAX: malware (ai score=84)
Arcabit: Trojan.Generic.D3C2925F
Microsoft: Trojan:Win32/Wacatac.B!ml
Acronis: suspicious
McAfee: Artemis!D615DCD3BC7A
TrendMicro-HouseCall: TROJ_GEN.R002H09JQ22
Fortinet: W32/Agent.ABC!tr.pws
AVG: Multi:Agent-FT [Trj]

How to remove Python/PSW.Agent.ABC?

Python/PSW.Agent.ABC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
