Spy Trojan

TrojanSpy.MSIL.Keylogger (file analysis)

Malware Removal

TrojanSpy.MSIL.Keylogger is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete the scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanSpy.MSIL.Keylogger virus do?

  • Dynamic (imported) function loading detected
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify TrojanSpy.MSIL.Keylogger?


File Info:

name: DEAE5C497972C06536B4.mlw
path: /opt/CAPEv2/storage/binaries/77e401027589f4e7396d9ec4353ad7684404fe77a1ba8f46373e6618dda7bb55
crc32: 7D4CDB93
md5: deae5c497972c06536b4066909068d24
sha1: b96f776069bf3c3012ff4983363033d46469ce1a
sha256: 77e401027589f4e7396d9ec4353ad7684404fe77a1ba8f46373e6618dda7bb55
sha512: 8c4576282298011b223b944e6274f5b3ad01bde5b6ae1a7bf44ac31ffbc1fff0f5c85d992702d2edc53942a32ae137a352e0cf09d55f0160fb0cb79a349acf6d
ssdeep: 1536:F4X3ZcBqgana4N+LBTiEXD+Onwdgh04WZ4FSh:F4Xpganah1ND+Onwd5/Z4F
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1DCA32BA601FD6DE2CF9933BC907790248DF1EA347142FF5B0E1990CC0E95A9993E1AD6
sha3_384: 28d58ae31fb3746e871eff4f748b0bde74097a6e548e2cf0b72c16cc2f2081f49301190afcb6a3fb9b773c6454056c15
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-02 00:00:20

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: SB
FileVersion: 1.0.0.0
InternalName: SB.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: SB.exe
ProductName: SB
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

TrojanSpy.MSIL.Keylogger also known as:

Lionic: Trojan.MSIL.KeyLogger.l!c
Cylance: Unsafe
K7AntiVirus: Trojan ( 005268791 )
Alibaba: Trojan:MSIL/DropperX.0bc09446
K7GW: Trojan ( 005268791 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/TrojanDropper.Agent.DNX
TrendMicro-HouseCall: TROJ_GEN.R014H0CL321
Kaspersky: VHO:Trojan-Spy.MSIL.KeyLogger.gen
Avast: Win64:DropperX-gen [Drp]
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Suspicious PE
APEX: Malicious
GData: Win64.Trojan.Agent.74NHO9
Avira: HEUR/AGEN.1139069
Gridinsoft: Ransom.Win64.Sabsik.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!DEAE5C497972
VBA32: TrojanSpy.MSIL.Keylogger
Malwarebytes: Malware.AI.2712523059
Ikarus: Trojan-Dropper.MSIL.Agent
eGambit: Unsafe.AI_Score_99%
Fortinet: MSIL/Agent.DNX!tr
AVG: Win64:DropperX-gen [Drp]

How to remove TrojanSpy.MSIL.Keylogger?

TrojanSpy.MSIL.Keylogger removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
