Trojan:MSIL/SnakeKeylogger.SPYY!MTB removal

Many security experts consider Trojan:MSIL/SnakeKeylogger.SPYY!MTB dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/SnakeKeylogger.SPYY!MTB virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected
  • Unusual version info supplied for binary

How to identify Trojan:MSIL/SnakeKeylogger.SPYY!MTB?


File Info:

name: 2CABD203FBAE5335116E.mlw
path: /opt/CAPEv2/storage/binaries/414ebc339ab7aacac4e5916f00123aca4945bc9b4a46d7dad53f20b958cfe242
crc32: 100F9E69
md5: 2cabd203fbae5335116eb4fec0d665b3
sha1: 7e8713166c746f9f826c16c64153c239f60e0ac7
sha256: 414ebc339ab7aacac4e5916f00123aca4945bc9b4a46d7dad53f20b958cfe242
sha512: 3acd5c469866a104b3e815d2228e585696a4c5f09c851a92485703c0b578710861e50af8917d34b7261d5c5cf686b489b481eae59054d9a31ea84fa5ec6edd0b
ssdeep: 12288:iNVinf31KCLepSJEBi0mTl5wbBKlm0jT2sMoRsGBNWx6ced53rD22A:aVif31KNSJEvmx5b4sGSsGBM4FrDO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T103E4129663F90B31C2F957FD1430915007F964BFB112F72D5F8EA1E6292AF408A20EA7
sha3_384: 78f366cff8c90c0665467ee53130777f983d18d411d0b18beee0872b1f15357baef72165179e2bd93e67fcc5591b4b39
ep_bytes: ff250020400035323748394450524834
timestamp: 2046-04-06 23:13:04

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Telephony Administration
FileVersion: 1.0.0.0
InternalName: eyNd.exe
LegalCopyright: Copyright © Microsoft Corporation. All rights reserved
LegalTrademarks:
OriginalFilename: eyNd.exe
ProductName: Telephony Administration
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan:MSIL/SnakeKeylogger.SPYY!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Agensla.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.71478833
ClamAV: Win.Packed.Remcos-10020797-0
CAT-QuickHeal: Trojanpws.Msil
Skyhigh: BehavesLike.Win32.Generic.jc
McAfee: Artemis!2CABD203FBAE
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ae9061 )
BitDefender: Trojan.GenericKD.71478833
K7GW: Trojan ( 005ae9061 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: Scr.Malcode!gdn34
ESET-NOD32: a variant of MSIL/Kryptik.AKUV
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
Alibaba: TrojanPSW:MSIL/SnakeKeylogger.cc4c8a63
NANO-Antivirus: Trojan.Win32.Agensla.kiiyyo
Avast: Win32:CrypterX-gen [Trj]
Emsisoft: Trojan.GenericKD.71478833 (B)
F-Secure: Trojan.TR/Kryptik.pkasq
DrWeb: Trojan.PackedNET.2659
Zillya: Trojan.Kryptik.Win32.4504046
TrendMicro: TROJ_GEN.R002C0DB924
FireEye: Trojan.GenericKD.71478833
Sophos: Troj/Krypt-ABH
Ikarus: Trojan.MSIL.Agent
GData: MSIL.Trojan.PSE.E38O2R
Google: Detected
Avira: TR/Kryptik.pkasq
MAX: malware (ai score=88)
Kingsoft: MSIL.Trojan-PSW.Agensla.gen
Xcitium: Malware@#38h4vets2jfbk
Arcabit: Trojan.Generic.D442AE31
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
Microsoft: Trojan:MSIL/SnakeKeylogger.SPYY!MTB
Varist: W32/MSIL_Kryptik.KMZ.gen!Eldorado
AhnLab-V3: Trojan/Win.Injection.C5583088
ALYac: Trojan.GenericKD.71478833
VBA32: TrojanLoader.MSIL.DaVinci.Heur
Malwarebytes: Trojan.MalPack.PNG.Generic
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0DB924
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:3N2w2I7ccixhZ5/jGUs8oA)
Yandex: Trojan.Kryptik!OEZqM5i2zCo
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.74499699.susgen
Fortinet: MSIL/Stealer.36680!tr
AVG: Win32:CrypterX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan:MSIL/SnakeKeylogger.SPYY!MTB?

Trojan:MSIL/SnakeKeylogger.SPYY!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
