Python/Spy.KeyLogger.DV information

Python/Spy.KeyLogger.DV is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Python/Spy.KeyLogger.DV virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • CAPE detected the PyInstaller malware family

How to identify Python/Spy.KeyLogger.DV?


File Info:

name: B249711A23C1684A73A3.mlw
path: /opt/CAPEv2/storage/binaries/dd77e047f3e0121de0793fc4c563566a57ef8b03d2efc8c336c48e164dc94fcd
crc32: 81CC22F8
md5: b249711a23c1684a73a3c1bc7ee87a81
sha1: d5ea9de7a06a571641abe9a95e9cfc5520174ee1
sha256: dd77e047f3e0121de0793fc4c563566a57ef8b03d2efc8c336c48e164dc94fcd
sha512: bfdb9d342e2e8e5cc5fef51195ad7a5abcdb9d3b67b8ece58c8574418174e923ebce892b5dc8ba5bbe5326076e8edd58069b51e6a742473b576a3799ebe4cb1c
ssdeep: 196608:HINoue9xcrad4tahSY5M/jSE3/UbV04W6cUOE:Ko9xc2uAhRzQcJ04W2b
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T147863386A7A48998F577603DC4018516EE71BD724B50CA5B2B343A332F339E4AC7FAD4
sha3_384: 8076e6a904202d61a1d6de38f3200d75190cafbae2d2011a6be0c9e53b49c4e5cc7f9415d08dde2eabf53b7699b2667d
ep_bytes: 4883ec28e8f70400004883c428e97afe
timestamp: 2021-11-09 18:04:01

Version Info:

CompanyName:
FileDescription: Microsoft Word Document
FileVersion:
InternalName:
LegalCopyright:
OriginalFilename:
ProductName:
ProductVersion:
Translation: 0x0409 0x04b0

Python/Spy.KeyLogger.DV also known as:

MicroWorld-eScan: Trojan.GenericKD.38224205
FireEye: Trojan.GenericKD.38224205
McAfee: Artemis!B249711A23C1
Cylance: Unsafe
K7AntiVirus: Trojan ( 00558bbf1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Trojan.Gen.MBT
ESET-NOD32: Python/Spy.KeyLogger.DV
APEX: Malicious
Kaspersky: Trojan.Win32.RegRun.aaiw
BitDefender: Trojan.GenericKD.38224205
Avast: FileRepMalware
Ad-Aware: Trojan.GenericKD.38224205
Sophos: Mal/Generic-S
Zillya: Trojan.Agent.Script.1642387
McAfee-GW-Edition: BehavesLike.Win64.Dropper.wc
Emsisoft: Trojan.GenericKD.38224205 (B)
Antiy-AVL: Trojan/Generic.ASMalwS.34CE23D
Gridinsoft: Ransom.Win64.Sabsik.sa
GData: Trojan.GenericKD.38224205
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.38224205
MAX: malware (ai score=83)
TrendMicro-HouseCall: TROJ_GEN.R002H0DL821
Tencent: Win32.Trojan.Regrun.Pcsf
Fortinet: PossibleThreat.PALLASNET.H
AVG: FileRepMalware

How to remove Python/Spy.KeyLogger.DV?

Python/Spy.KeyLogger.DV removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
