Trojan.Keylogger removal tips

Trojan.Keylogger is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Keylogger virus do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Keylogger?

File Info:

name: B2AD35C65CE14389ADD2.mlw
path: /opt/CAPEv2/storage/binaries/6685d9bbf42de94bf34d002754d4a519808dca272d7cf66b033fb4b94fcfc712
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: NetCent Communications
FileDescription: HangARoo
FileVersion: 1.1
InternalName: NCBuy Entertainment Network HangARoo
LegalCopyright: © Copyright 2001 NetCent Communications
LegalTrademarks:
OriginalFilename: HangARoo.exe
ProductName: HangARoo
ProductVersion: 1.1
Comments: http://enetwork.ncbuy.com
Translation: 0x0809 0x04e4

Trojan.Keylogger is also known as:

Bkav: W32.AIDetectMalware
DrWeb: Trojan.KeyLogger.10946
Skyhigh: BehavesLike.Win32.Dropper.jc
McAfee: Artemis!B2AD35C65CE1
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: FileRepMalware [Trj]
FireEye: Generic.mg.b2ad35c65ce14389
Ikarus: Win32.Heuristic
Google: Detected
Kingsoft: malware.kb.a.993
VBA32: Trojan.Keylogger
Rising: Trojan.Generic@AI.100 (RDML:W7cbMMPF9+enO35WZgCeZw)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.216064600.susgen
AVG: FileRepMalware [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Heuristic.f3a5e59a

How to remove Trojan.Keylogger?

Trojan.Keylogger removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.