TrojanSpy:Win32/Usteal.D malicious file

TrojanSpy:Win32/Usteal.D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanSpy:Win32/Usteal.D virus do?

  • Possible date expiration check, exits too soon after checking local time
  • The binary likely contains encrypted or compressed data
  • Detects Sandboxie through the presence of a library
  • Network activity detected but not expressed in API logs
  • Checks the version of the BIOS, possibly for anti-virtualization
  • Anomalous binary characteristics

How to identify TrojanSpy:Win32/Usteal.D?

File Info:

crc32: A113A936
md5: 54fdf613ba47e0853d1ece25fcbcc528
name: samp_anti_kick.exe
sha1: 61e2969fa2f709d4fc9946ba6e5e423c6d0a60c2
sha256: ba185eefdac4f7d2ea4f4765b8d5e0998ac5a3b6a6e4857dc2d6052a10b0da44
sha512: edcf522978007613588bb6cdbdb8f654c12ae0b969908b0e6c18f3c58a7d17a23315cbe164e77a0482811f9e48cabe59c8c14481895e2c0703abcbdfc91d7c4e
ssdeep: 6144:0FHWH41ZFkon1ne1LgouEK2EPUa3JhWVxyanIsvt+fNXsW5PcumF2H9JfMeMW2j:2Wwrnmgh2E8a3WyanIme8gc9FQMW2jS
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

CompiledScript: AutoIt v3 Script: 3, 3, 6, 1
FileVersion: 3, 3, 6, 1
FileDescription:
Translation: 0x0809 0x04b0

TrojanSpy:Win32/Usteal.D also known as:

MicroWorld-eScan: Gen:Variant.Kazy.7022
CAT-QuickHeal: TrojanSpy.Usteal.D.mue
McAfee: Trojan-FBXH!54FDF613BA47
Malwarebytes: Spyware.Password.Usteal
K7AntiVirus: Trojan ( 00012a951 )
K7GW: Trojan ( 00012a951 )
Agnitum: Trojan.FruStealer.Gen.LG
F-Prot: W32/Usteal.A.gen!Eldorado
Symantec: Infostealer.Ldpinch!g2
Norman: UStealer.F
TotalDefense: Win32/YahLover.HidI_I
Avast: Win32:Usteal [Spy]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Kazy.7022
Ad-Aware: Gen:Variant.Kazy.7022
Emsisoft: Gen:Variant.Kazy.7022 (B)
F-Secure: Gen:Variant.Kazy.7022
DrWeb: Trojan.PWS.UFR.3724
VIPRE: Trojan-Spy.Win32.Usteal.da (v)
McAfee-GW-Edition: BehavesLike.Win32.CryptDoma.fc
Cyren: W32/Usteal.A.gen!Eldorado
Avira: TR/Crypt.ULPM.Gen
Microsoft: TrojanSpy:Win32/Usteal.D
GData: Gen:Variant.Kazy.7022
AhnLab-V3: Trojan/Win32.Ruftar
AVware: Trojan-Spy.Win32.Usteal.da (v)
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Spy.Usteal.C
Rising: PE:Trojan.Win32.Generic.1743A0CF!390308047
Ikarus: Trojan-Spy.Win32.Usteal
Fortinet: W32/ZBOT.CDL!tr
AVG: Win32/Heur

How to remove TrojanSpy:Win32/Usteal.D?

TrojanSpy:Win32/Usteal.D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.