
RiskTool.Win32.KeyLogger.dt information

Malware Removal

RiskTool.Win32.KeyLogger.dt is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskTool.Win32.KeyLogger.dt virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Compiles .NET code into an executable and executes it
  • Deletes executed files from disk
  • Uses csc.exe C# compiler to build and execute code
  • Uses suspicious command line tools or Windows utilities

How to identify RiskTool.Win32.KeyLogger.dt?


File Info:

name: 547C2E66B4374B5D79E4.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: GentleSoft
FileDescription: Looker Setup
FileVersion: 1.1.5.0
LegalCopyright: Copyright © GentleSoft 2013-2014
ProductName: Looker
ProductVersion: 1.1.5.0
Translation: 0x0000 0x04b0

RiskTool.Win32.KeyLogger.dt is also known as:

Bkav: W32.Common.8B134588
Lionic: Riskware.Win32.KeyLogger.1!c
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.tc
Cylance: unsafe
Sangfor: Riskware.Win32.KeyLogger.Vep5
Alibaba: RiskWare:Win32/KeyLogger.daec736d
BitDefenderTheta: Gen:NN.ZemsilCO.36802.am0@aC9EaRl
Kaspersky: not-a-virus:RiskTool.Win32.KeyLogger.dt
NANO-Antivirus: Riskware.Win32.KeyLogger.fbergt
Avast: Win32:Malware-gen
Jiangmin: RiskTool.KeyLogger.ax
Antiy-AVL: Trojan[Downloader]/MSIL.Small
ZoneAlarm: not-a-virus:RiskTool.Win32.KeyLogger.dt
GData: MSIL.Riskware.Logger.A
McAfee: Artemis!547C2E66B437
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Chgt.A
TrendMicro-HouseCall: TROJ_GEN.R002H07L423
Rising: Trojan.Win32.Generic.169909DF (C64:YzY0Ojdr5PHIITxm)
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove RiskTool.Win32.KeyLogger.dt?

RiskTool.Win32.KeyLogger.dt removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
