UDS:Trojan-Spy.Win32.Stealer.ctnm removal guide

UDS:Trojan-Spy.Win32.Stealer.ctnm is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Trojan-Spy.Win32.Stealer.ctnm virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify UDS:Trojan-Spy.Win32.Stealer.ctnm?


File Info:

name: 3826505D0457C2FC2024.mlw
path: /opt/CAPEv2/storage/binaries/5202870b0543bdb660c949639f23774c0fd6258cd627729e42f504c73b520d10
crc32: 9529BA1F
md5: 3826505d0457c2fc2024964ca0f5c40f
sha1: da9458cd022525425682f2f7db89864aea04efd8
sha256: 5202870b0543bdb660c949639f23774c0fd6258cd627729e42f504c73b520d10
sha512: dd32cf02c096331e5293879703473ff6ee99cf58097c453ba91f801a427134fa35b74fb7749c3a7a1560faf7a58d2c4b8ab09ffec018ca0f113f97c272ccfde2
ssdeep: 24576:e/IgYBHadgaobTKYVYB2AAlDAM4gdgXLkt+vp0UWC8Hmy6LsFLHQl3RuQ55313i:yInB6dgaobq96+vpP8Hb6LsFjQl3E
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1F2C51A135A8B0D75DDD23BB4A1CB633AA734ED30CA3A9B7FB608C43959532C56C1A742
sha3_384: 22f2219e70aea3597986a7d75a122ea62d185a4a1072aca10c158a64239f14a4ceb682f481a4f8f6770edc6e1d594984
ep_bytes: 83ec0cc705b823530000000000e87ee9
timestamp: 2022-10-05 02:40:59

Version Info:

0: [No Data]

UDS:Trojan-Spy.Win32.Stealer.ctnm also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Agent.Y!c
Cynet: Malicious (score: 100)
McAfee: Artemis!3826505D0457
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (W)
BitDefender: Trojan.GenericKDZ.92645
K7GW: Trojan ( 005959c81 )
K7AntiVirus: Trojan ( 005959c81 )
Cyren: W32/Trojan.HLPX-5019
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HQDK
Paloalto: generic.ml
Kaspersky: UDS:Trojan-Spy.Win32.Stealer.ctnm
Alibaba: Trojan:Win32/Kryptik.acb55d71
NANO-Antivirus: Trojan.Win32.Reline.jqxway
MicroWorld-eScan: Trojan.GenericKDZ.92645
Rising: Backdoor.Convagent!8.123DC (TFE:5:HydQ2ax9ETK)
Ad-Aware: Trojan.GenericKDZ.92645
Emsisoft: Trojan.GenericKDZ.92645 (B)
TrendMicro: TrojanSpy.Win32.REDLINE.YXCJGZ
FireEye: Trojan.GenericKDZ.92645
Sophos: Troj/Steal-CYW
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.50E8
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Generic.D169E5
GData: Win32.Trojan.PSE.14K7H74
Google: Detected
AhnLab-V3: Trojan/Win.US.R524756
VBA32: BScope.Trojan.Inject
ALYac: Trojan.GenericKDZ.92645
Malwarebytes: Malware.AI.731130628
Ikarus: Trojan.Win32.RedlineStealer
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/RedLineStealer.D!tr
BitDefenderTheta: Gen:NN.ZexaF.34698.H!Z@a49Zmjf
AVG: Win32:CrypterX-gen [Trj]
Avast: Win32:CrypterX-gen [Trj]

How to remove UDS:Trojan-Spy.Win32.Stealer.ctnm?

UDS:Trojan-Spy.Win32.Stealer.ctnm removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.