Python/Spy.KeyLogger.LF information

Python/Spy.KeyLogger.LF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Python/Spy.KeyLogger.LF virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Python/Spy.KeyLogger.LF?


File Info:

name: FF97D5687D0C32CA4DE7.mlw
path: /opt/CAPEv2/storage/binaries/2978f0d9372c31334fd769caf54f66eae89909958a718006a93a756d15f820b1
crc32: A671D373
md5: ff97d5687d0c32ca4de7612f3f1f7086
sha1: 09a45f8c66e80c31db58ce2136c83f493acd3323
sha256: 2978f0d9372c31334fd769caf54f66eae89909958a718006a93a756d15f820b1
sha512: 35e0f6f6bb308a8741922d6fdb28cf1c6887592c853cc825c7db0b08fb639b563416412c8db92a717bd8d57805c48f0263a26d5452e98d06d3e1fa20f379523b
ssdeep: 49152:4+TzXxtxeth7HTvpgv9cwP5QF71mBmUGXP1l:4CdELTv0DP5QFMCX
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1FAA5F134FDC338E5E8FBC83ACC428C35917D76E70270915B3A64553A5A272B92E2663D
sha3_384: abda7e2efe600d2dd239e05b12163f0c7e963beb48771c5160e3a327f771459c283e1e8bceffb9e305f297dfd5f68840
ep_bytes: 4883ec28e8f70400004883c428e972fe
timestamp: 2021-11-09 18:03:59

Version Info:

0: [No Data]

Python/Spy.KeyLogger.LF also known as:

MicroWorld-eScan: Trojan.GenericKD.38205315
FireEye: Trojan.GenericKD.38205315
ALYac: Trojan.GenericKD.38205315
Zillya: Trojan.Agent.Script.1642598
K7AntiVirus: Trojan ( 00579acf1 )
Alibaba: TrojanSpy:Application/KeyLogger.6c6b399a
K7GW: Trojan ( 00579acf1 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: Python/Spy.KeyLogger.LF
Kaspersky: HEUR:Trojan-Spy.Python.KeyLogger.gen
BitDefender: Trojan.GenericKD.38205315
Avast: FileRepMalware
Tencent: Win32.Trojan-spy.Keylogger.Ehhv
Ad-Aware: Trojan.GenericKD.38205315
McAfee-GW-Edition: BehavesLike.Win64.Generic.vc
Emsisoft: Trojan.GenericKD.38205315 (B)
Jiangmin: Trojan.Agentb.kqi
Avira: HEUR/AGEN.1141794
Antiy-AVL: Trojan/Generic.ASMalwS.34CE845
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Trojan.GenericKD.38205315
Cynet: Malicious (score: 100)
McAfee: Artemis!FF97D5687D0C
MAX: malware (ai score=89)
TrendMicro-HouseCall: TROJ_GEN.R002H0DL621
Fortinet: W32/KeyLogger.LF!tr.spy
AVG: FileRepMalware
Panda: Trj/CI.A

How to remove Python/Spy.KeyLogger.LF?

Python/Spy.KeyLogger.LF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
