Trojan-Spy.Win32.Screenshoter removal guide

Many security experts consider Trojan-Spy.Win32.Screenshoter dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Spy.Win32.Screenshoter virus do?

  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Trojan-Spy.Win32.Screenshoter?


File Info:

name: 271F28EB94EC94D4D7E8.mlw
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2021-12-08 05:07:48

Version Info:

0: [No Data]

Trojan-Spy.Win32.Screenshoter also known as:

Elastic: malicious (high confidence)
CrowdStrike: win/malicious_confidence_60% (D)
Cyren: W64/Agent.DPZ.gen!Eldorado
ESET-NOD32: a variant of Win64/Agent.AKG
Kaspersky: HEUR:Trojan-Spy.Win32.Screenshoter.gen
Avast: Win32:Trojan-gen
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: GenericRXQH-RW!387F1FF3B2F2
FireEye: Generic.mg.271f28eb94ec94d4
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_89%
Avira: TR/Agent.hcjsz
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Malwarebytes: Trojan.MalPack
Rising: Malware.Heuristic!ET#88% (RDMK:cmRtazooJSc1Yy/pgJBq178xV7bq)
Yandex: Trojan.Agent!0Qpzm6m6ZIM
Ikarus: Trojan.Win32.Agent
Fortinet: W64/Agent.AKG!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.f4e199

How to remove Trojan-Spy.Win32.Screenshoter?

Trojan-Spy.Win32.Screenshoter removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
