Trojan-Spy.Win32.Stealer.akys removal

Trojan-Spy.Win32.Stealer.akys is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Spy.Win32.Stealer.akys virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • CAPE detected the RedLine malware family
  • Checks the version of Bios, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Trojan-Spy.Win32.Stealer.akys?


File Info:

name: A43B1555ED04CC100412.mlw
path: /opt/CAPEv2/storage/binaries/f4834b690ae6fd572f23a1d1be7528074c4ab5a2a3bfe758b317064fc4ee19f9
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2044-12-08 03:10:02

Version Info:

Comments: DZ7fi5f
CompanyName: fiwGxSA
FileDescription: cmMlhgq
FileVersion: 10,9,9,0
InternalName: iplKaN3
LegalCopyright: Tm6GNrV
OriginalFilename: S24rZOD
ProductName: jvN6Spb
ProductVersion: 10,9,9,0
Assembly Version: 10,9,9,0
Translation: 0x0000 0x04b0

Trojan-Spy.Win32.Stealer.akys also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Stealer.l!c
MicroWorld-eScan: Trojan.GenericKD.47612118
FireEye: Generic.mg.a43b1555ed04cc10
ALYac: Trojan.GenericKD.47612118
Cylance: Unsafe
Zillya: Trojan.Asprotect.Win32.46
Sangfor: Spyware.Win32.Stealer.akys
K7AntiVirus: Trojan ( 0058adc31 )
Alibaba: TrojanSpy:Win32/Stealer.4aac4178
K7GW: Trojan ( 0058adc31 )
Cybereason: malicious.395dd0
Cyren: W32/Stealer.S.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Asprotect.KG
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.ClipBanker-9847748-0
Kaspersky: Trojan-Spy.Win32.Stealer.akys
BitDefender: Trojan.GenericKD.47612118
NANO-Antivirus: Trojan.Win32.Stealer.jikfhn
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Falsesign.Lkdn
Ad-Aware: Trojan.GenericKD.47612118
Sophos: Mal/Generic-S
DrWeb: Trojan.PWS.Steam.22691
TrendMicro: TROJ_FRS.0NA103KS21
McAfee-GW-Edition: AgentTesla-FDFF!A43B1555ED04
Emsisoft: Trojan.GenericKD.47612118 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.Stealer.isu
MaxSecure: Trojan.Malware.131173909.susgen
Avira: TR/AD.RedLineSteal.aekjv
Antiy-AVL: Trojan/Generic.ASMalwS.34E0FE2
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Gridinsoft: Trojan.Heur!.012120B1
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Trojan.GenericKD.47612118
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R454386
Acronis: suspicious
McAfee: AgentTesla-FDFF!A43B1555ED04
MAX: malware (ai score=83)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_FRS.0NA103KS21
Yandex: Trojan.GenAsa!l3ZfBja75G8
Ikarus: Trojan.Win32.ASProtect
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34084.rP1aayZH@ipi
AVG: Win32:Trojan-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan-Spy.Win32.Stealer.akys?

Trojan-Spy.Win32.Stealer.akys removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
