How to remove “Python/Spy.KeyLogger.UJ”?

Python/Spy.KeyLogger.UJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Python/Spy.KeyLogger.UJ virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Python/Spy.KeyLogger.UJ?

File Info:

name: 5187152EB6123F7F5F46.mlw
path: /opt/CAPEv2/storage/binaries/c735750034ad83100ca83e8e876cef42e86e9dc25f52d0aa9307a488cfd463d4
crc32: 40A4A208
md5: 5187152eb6123f7f5f4684da77d92deb
sha1: 89b1a7089eca6cc5bfeffd07275dae1e5961089f
sha256: c735750034ad83100ca83e8e876cef42e86e9dc25f52d0aa9307a488cfd463d4
sha512: 74a84c200c324a73c9858d18a47b9880e101de1b4e76a1ff4dbc165c4e50afbf77a025515c5e818a4c2893c35983ce595681093cc19f9df5599921f6bfca9319
ssdeep: 98304:H48ZfWVLiSwoPllMWHu5iQ3s+1mVp0rfBiO52uTACITfEfZGaaf1C9qxTfWjspKy:Yu5zoP1HSsimvlG2xCsEfGzUjxy
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E0663332794081E2C2F65A3909E2D8391E3DD93353149163D7D82A7E2DF3AD3B52AD6C
sha3_384: d52a70a6a5125210ef8a9678a6a5ea0698aaa7d9d16a45037fd737a900b1f331ca801e31fc0e3eab2ee2e40f3e69768f
ep_bytes: e822050000e987feffffcccccccccccc
timestamp: 2020-11-18 08:54:16

Version Info:

0: [No Data]

Python/Spy.KeyLogger.UJ also known as:

Bkav: W32.AIDetect.malware2
Lionic: Heuristic.File.Generic.00x1!p
FireEye: Generic.mg.5187152eb6123f7f
CAT-QuickHeal: Trojan.GenericPMF.S17729005
McAfee: Artemis!5187152EB612
Cylance: Unsafe
Zillya: Trojan.Badur.Win32.34042
Sangfor: Spyware.Python.KeyLogger.V0hu
K7AntiVirus: Trojan ( 0057ec181 )
Alibaba: TrojanSpy:Win32/Almi_KeyLogger.l
K7GW: Trojan ( 0057ec181 )
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Python/Spy.KeyLogger.UJ
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002H0CHV22
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Spy.Python.Agent.gen
Avast: Multi:KeyLogger-I [Trj]
McAfee-GW-Edition: BehavesLike.Win32.Trojan.vc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Google: Detected
Avira: TR/Spy.KeyLogger.ertxm
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan-Spy.Python.Agent.gen
GData: Win32.Trojan-Stealer.Keylogger.SLCBDU
Cynet: Malicious (score: 100)
Tencent: Win32.Trojan-Spy.Agent.Bzlw
Ikarus: Trojan-Spy.Python.Keylogger
AVG: Multi:KeyLogger-I [Trj]

How to remove Python/Spy.KeyLogger.UJ?

Python/Spy.KeyLogger.UJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.