Spyware.PasswordStealer.ACB (file analysis)

Spyware.PasswordStealer.ACB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Spyware.PasswordStealer.ACB virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Spyware.PasswordStealer.ACB?


File Info:

crc32: 7A578A36
md5: 0888b209e1ed6453ee7c3606a4d4e08d
name: doc0002.exe
sha1: 6f988ec6423c5c2c633b5efb30f97fd647a8eb1b
sha256: cdd1123d6aaba6379f52144371c136774f8bf2e2d45a4d94663cea9ef636f615
sha512: f370e0195a284a35ff3a582f1361fd1f332e9f5e414f1c3714a6da88bff7a73c67802d0cd02a74bec50019c8615bde02dd3421e55fe8d1624a10fc438b1851b0
ssdeep: 12288:PpY1E3G6uh+4KhnS46A9jmP/uhu/yMS08CkntxYRv:Pe1oG6uh+46fmP/UDMS08Ckn3K
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: 1
FileVersion: 1.00
CompanyName: SHEKHAR BISWAS
Comments: THIS IS CREATED BY SHEKHAR
ProductName: ADDRESS
ProductVersion: 1.00
OriginalFilename: 1.exe

Spyware.PasswordStealer.ACB also known as:

Bkav: W32.AIDetectVM.malware
MicroWorld-eScan: Gen:Variant.Johnnie.222558
FireEye: Generic.mg.0888b209e1ed6453
McAfee: Artemis!0888B209E1ED
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Spyware ( 0000d4291 )
BitDefender: Gen:Variant.Johnnie.222558
K7GW: Spyware ( 0000d4291 )
Cybereason: malicious.6423c5
Invincea: heuristic
F-Prot: W32/Agent.BBK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Malware.Johnnie-7603465-0
GData: Gen:Variant.Johnnie.222558
Kaspersky: Trojan.Win32.Agent.xadlbo
Alibaba: TrojanSpy:Win32/KeyLogger.0b2a47dd
AegisLab: Trojan.Win32.VB.4!c
Rising: Spyware.KeyLogger!8.12F (CLOUD)
Endgame: malicious (high confidence)
Emsisoft: Gen:Variant.Johnnie.222558 (B)
F-Secure: Heuristic.HEUR/AGEN.1045493
TrendMicro: TSPY_VBKEYLOG.SM
McAfee-GW-Edition: BehavesLike.Win32.Trojan.jh
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Spy.Agent
Cyren: W32/Agent.BBK.gen!Eldorado
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1045493
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Win32.Agent
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Arcabit: Trojan.Johnnie.D3655E
ZoneAlarm: Trojan.Win32.Agent.xadlbo
AhnLab-V3: Spyware/Win32.RL_Vbkeylog.R329454
Acronis: suspicious
ALYac: Gen:Variant.Johnnie.222558
Ad-Aware: Gen:Variant.Johnnie.222558
Malwarebytes: Spyware.PasswordStealer.ACB
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Spy.KeyLogger.NJK
TrendMicro-HouseCall: TSPY_VBKEYLOG.SM
Tencent: Win32.Trojan.Johnnie.Gbw
SentinelOne: DFI – Malicious PE
Fortinet: W32/KeyLogger.NJK!tr
BitDefenderTheta: Gen:NN.ZevbaF.34100.Mm0@aevKr7ji
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Win32/Trojan.BO.c40

How to remove Spyware.PasswordStealer.ACB?

Spyware.PasswordStealer.ACB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
