About “Spyware.LokiStealer” infection

Malware Removal

The Spyware.LokiStealer is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Spyware.LokiStealer virus can do?

  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Spyware.LokiStealer?


File Info:

crc32: D3171239
md5: a03368eb33266bfa408ade1d740e52d5
name: A03368EB33266BFA408ADE1D740E52D5.mlw
sha1: 9c4958b73f052ec79117a81d52c53e14f7a61d13
sha256: 2efd8877177aa2649cb83abbd2bc9ea126cd48eb91073e047e82e03be003b5ed
sha512: d2f20b248dd266a12f198f69d0698961b65430928ab4c09c448aed8e3c865d46321062fe63bb7ca68fd55aafd93e65705fd6d7f1da8c29e1149b1761f96cc450
ssdeep: 3072:Zfjcza97WYbn5xl5k2wYUju9BomypbF57a5YOCgTp8/oDhqc:pqm7WYbpGsUa9Gmypb7CYiOADhq
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: Anubis.exe
FileVersion: 0.0.0.0
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: Anubis.exe

Spyware.LokiStealer also known as:

Elasticmalicious (high confidence)
DrWebTrojan.PWS.Siggen2.59267
CynetMalicious (score: 99)
CAT-QuickHealTrojan.MsilFC.S17036576
ALYacGeneric.Ransom.Hiddentear.A.C69E3525
SangforTrojan.Win32.Save.a
Cybereasonmalicious.b33266
ESET-NOD32a variant of MSIL/Spy.Agent.BYF
APEXMalicious
AvastWin32:TrojanX-gen [Trj]
ClamAVWin.Ransomware.Hiddentear-9872794-0
KasperskyTrojan-Banker.MSIL.Evital.gen
BitDefenderGeneric.Ransom.Hiddentear.A.C69E3525
MicroWorld-eScanGeneric.Ransom.Hiddentear.A.C69E3525
Ad-AwareGeneric.Ransom.Hiddentear.A.C69E3525
SophosML/PE-A
BitDefenderThetaGen:NN.ZemsilF.34050.hm0@aKeBBEc
McAfee-GW-EditionBehavesLike.Win32.Generic.ch
FireEyeGeneric.mg.a03368eb33266bfa
EmsisoftGeneric.Ransom.Hiddentear.A.C69E3525 (B)
SentinelOneStatic AI – Malicious PE
AviraHEUR/AGEN.1142073
eGambitUnsafe.AI_Score_99%
MicrosoftRansom:MSIL/Loki.DA!MTB
ArcabitGeneric.Ransom.Hiddentear.A.C69E3525
ZoneAlarmTrojan-Banker.MSIL.Evital.gen
GDataMSIL.Trojan-Stealer.DarkStealer.A
AhnLab-V3Trojan/Win32.RL_Evital.C4222179
McAfeeGenericRXME-MP!A03368EB3326
MAXmalware (ai score=82)
MalwarebytesSpyware.LokiStealer
RisingStealer.Agent!1.B723 (CLASSIC)
IkarusTrojan.MSIL.PSW
FortinetMSIL/Agent.BYF!tr
AVGWin32:TrojanX-gen [Trj]

How to remove Spyware.LokiStealer?

Spyware.LokiStealer removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment