Spy Trojan

Should I remove “TrojanSpy:MSIL/Keylog.B”?

Malware Removal

The TrojanSpy:MSIL/Keylog.B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What TrojanSpy:MSIL/Keylog.B virus can do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • The binary likely contains encrypted or compressed data.
  • Looks up the external IP address
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Steals private information from local Internet browsers
  • Exhibits behavior characteristic of iSpy Keylogger
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Harvests credentials from local FTP client softwares
  • Harvests information related to installed mail clients
  • Collects information to fingerprint the system

Related domains:

z.whorecord.xyz
a.tomx.xyz
bot.whatismyipaddress.com

How to determine TrojanSpy:MSIL/Keylog.B?



File Info:

crc32: 2901C611
md5: 646c053a2055127e6ebf063cb6100b00
name: dialo.exe
sha1: 067a4a4cf8c41e26fffb99ae7cef14fe3b14768a
sha256: 4e44ca3629836051228310a62713264a4e616d8d21ec8ab713959ca1f2923e4e
sha512: f7d36176069c5ef7e8e8771e7217e594f760a2dd32ed6587c35d414fe60cdb58c8097f84ef35d447c1c2fc3c4a2fba3c6841144bce0a18868413738d2a855d4a
ssdeep: 12288:L09l3zaV5i79aSvWT2L6T9/hq51VPSvbaqocfz:L09x+VgM4+dK1VPSvb5oU
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: xc2xa91999-2015 Jonathan Bennett & AutoIt Team
InternalName: Aut2Exe.exe
FileVersion: 3, 3, 14, 2
CompanyName: AutoIt Team
Comments: http://www.autoitscript.com/autoit3/
ProductName: Aut2Exe
ProductVersion: 3, 3, 14, 2
FileDescription: Aut2Exe
OriginalFilename: Aut2Exe.exe
Translation: 0x0809 0x04b0

TrojanSpy:MSIL/Keylog.B also known as:

CylanceUnsafe
SangforMalware
Cybereasonmalicious.cf8c41
BitDefenderThetaGen:NN.ZexaCO.34106.Kq0@ay07Jqfi
ESET-NOD32a variant of Win32/GenKryptik.EHYW
KasperskyUDS:DangerousObject.Multi.Generic
APEXMalicious
Invinceaheuristic
Trapminemalicious.high.ml.score
FireEyeGeneric.mg.646c053a2055127e
SentinelOneDFI – Malicious PE
Endgamemalicious (high confidence)
ZoneAlarmUDS:DangerousObject.Multi.Generic
MicrosoftTrojanSpy:MSIL/Keylog.B
Acronissuspicious
RisingMalware.Heuristic!ET#92% (RDMK:cmRtazrj+Q53E3PwfFiV7Hkkbgvp)
eGambitUnsafe.AI_Score_90%
Paloaltogeneric.ml
CrowdStrikewin/malicious_confidence_90% (D)

How to remove TrojanSpy:MSIL/Keylog.B?

TrojanSpy:MSIL/Keylog.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment