TrojanSpy:Win32/Vlogger.K (file analysis)

The TrojanSpy:Win32/Vlogger.K is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanSpy:Win32/Vlogger.K virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine TrojanSpy:Win32/Vlogger.K?


File Info:
name: 0936744F3E73B3D083AF.mlw
path: /opt/CAPEv2/storage/binaries/6b8ade5a70c4560287dfd8b4c65ebc6ded99d470fe2493509dc46c47ca8d54be
crc32: 152B3C15
md5: 0936744f3e73b3d083afe6a50b44ad35
sha1: 3907b363767b7acad1fcd85e4993834daf998c78
sha256: 6b8ade5a70c4560287dfd8b4c65ebc6ded99d470fe2493509dc46c47ca8d54be
sha512: 40b43d0b505cf8994e89366d18b1623c2195c123642ce4dc1db1dd8cc87704a2299a6248fdd6aaa58359d7f5b4f5290fa5ef4ac6860c6435a822a06888f60447
ssdeep: 1536:A3HCmZn0Vx7bfkMyc7CyvEpfzmsCYxbdKm+awGUq1o32yo5Rvt:2HCMnQfkMyiCS2xbc8w9z2yo5Rvt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T165F33B527AC59A60F8453630CFF682FC4A1A7DE79D61B61BA5807B4F6C32B400E1ED2D
sha3_384: 09d89d0ed8f677788c078f7c9ac8f01d35897ec120c854f4045e0384d4c28bbd693ea46fb1c41d94af4098c4f1405281
ep_bytes: 6850304200e8eeffffff000070000000
timestamp: 2004-05-04 09:07:54

Version Info:
0: [No Data]

TrojanSpy:Win32/Vlogger.K also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Vlogger.4!c
MicroWorld-eScan	Trojan.Generic.1748428
Skyhigh	Generic Keylogger.r
McAfee	Generic Keylogger.r
Zillya	Trojan.VB.Win32.7928
Sangfor	Spyware.Win32.Vlogger.V3jj
Alibaba	TrojanSpy:Win32/Vlogger.1257db70
Arcabit	Trojan.Generic.D1AADCC
Symantec	Spyware.BCWinSpy
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.VB.ib
BitDefender	Trojan.Generic.1748428
Avast	Win32:VB-CKB [Trj]
Rising	Trojan.VB!8.B20 (TFE:4:sD5IDQFdAmC)
Emsisoft	Trojan.Generic.1748428 (B)
DrWeb	Trojan.Siggen.39968
VIPRE	Trojan.Generic.1748428
Ikarus	not-a-virus:Monitor.Win32.WinSpy.k
Jiangmin	Trojan/VB.ShareWare.b
Webroot	W32.Spyware.Vlogger.K
Varist	W32/Risk.LUBL-4608
Antiy-AVL	Trojan/Win32.VB
Kingsoft	malware.kb.a.915
Xcitium	Malware@#1impime5llo3e
Microsoft	TrojanSpy:Win32/Vlogger.K
ViRobot	Trojan.Win32.S.VB.163840.D
ZoneAlarm	Trojan.Win32.VB.ib
GData	Trojan.Generic.1748428
Google	Detected
MAX	malware (ai score=99)
Panda	Adware/AccesMembre
MaxSecure	Trojan.Malware.468304.susgen
Fortinet	W32/VB.IB!tr
AVG	Win32:VB-CKB [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (W)

How to remove TrojanSpy:Win32/Vlogger.K?

TrojanSpy:Win32/Vlogger.K removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X