Application.Apophis_Spy

Application.Apophis_Spy Description

Application.Apophis_Spy is a keylogging application that runs covertly in the background of an infected computer. It records the victim's keystrokes and gathers data such as credit card details and passwords. The stolen information is either stored on the computer for later retrieval or e-mailed to a predefined address as soon as possible. If Application.Apophis_Spy is not removed, it will lead to privacy violations and possibly identity theft.

Aliases: Worm/AutoRun.MB [AVG], W32/AutoIt.GO!worm [Fortinet], Trojan-Downloader.Win32.Banload [Ikarus], Net-Worm.SillyFDC!rem, Worm.AutoIt.va, Trojan/Win32.Downloader [AhnLab-V3], Worm/AutoIt.nyp, Trojan-Downloader.Win32.Banload!IK, Trojan.Win32.AutoIt.gen.1 (v), Win32.HLLW.Autoruner.19532 [DrWeb], W32/AutoIt-JY [Sophos], Trojan.Agent/Gen-Fake[SCVost], Worm.Win32.AutoIt.va [Kaspersky], BV:Malware-gen [Avast] and Mal_Banker.

Technical Information

File System Details

Application.Apophis_Spy creates the following file(s):
