How to remove “Trojan-Spy.AndroidOS.SpyNote.aj”?

Trojan-Spy.AndroidOS.SpyNote.aj is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Spy.AndroidOS.SpyNote.aj virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Executable displays a decoy image
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

How to identify Trojan-Spy.AndroidOS.SpyNote.aj?

File Info:

name: E0CCB953F9F14D0EDF92.mlw
path: /opt/CAPEv2/storage/binaries/964be7482f4ba3a85bf5d2bfabc1efc3ef1916b71d667e74135bedb3189f7ed1
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-06-11 09:16:54

Version Info:

0: [No Data]

Trojan-Spy.AndroidOS.SpyNote.aj also known as:

Elastic: malicious (high confidence)
DrWeb: Android.SpyMax.5.origin
FireEye: Generic.mg.e0ccb953f9f14d0e
CAT-QuickHeal: Android.HiddenApp.H
Cylance: Unsafe
K7GW: Spyware ( 005383381 )
Cybereason: malicious.3f9f14
ESET-NOD32: multiple detections
Kaspersky: HEUR:Trojan-Spy.AndroidOS.SpyNote.aj
NANO-Antivirus: Trojan.Android.HiddenAds.fsdjyw
Sophos: Generic ML PUA (PUA)
Comodo: Malware@#2szptv83y04k1
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Ikarus: Trojan.AndroidOS.Hiddenapp
Jiangmin: Trojan.AndroidOS.fznx
Avira: HEUR/AGEN.1145351
Antiy-AVL: Trojan/Generic.ASMalwAD.372
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!616D2C2C3F7E
APEX: Malicious
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_97%
Fortinet: Android/SpyMax.E!tr
MaxSecure: Trojan.Malware.300983.susgen

How to remove Trojan-Spy.AndroidOS.SpyNote.aj?

Trojan-Spy.AndroidOS.SpyNote.aj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
