Worm.Python.Agent

By CagedTech in Worms

Threat Scorecard

Popularity Rank:	8,352
Threat Level:	50 % (Medium)
Infected Computers:	13,795

First Seen:	July 15, 2017
Last Seen:	April 19, 2026
OS(es) Affected:	Windows

Anti-virus products do not always check for the presence of particular cyber threats – sometimes, they look for a particular behavior that is related to malicious software, and use generic descriptions for such files. One of these descriptions is 'Worm.Python.Agent' – it is typically used to refer to a malicious file that exhibits behavior typical for computer worms. This means that it might be able to self-replicate to removable storage, shared network drives, and other accessible storage. As the name of the detection suggests, the threat is likely to be written in the Python programming language.

Although Worm.Python.Agent is used to describe computer worms, you should know that these threats might exhibit additional harmful traits – often, backdoor Trojans have the ability to spread across the network like a computer worm.

Currently, cybercriminals are abusing the chaos surrounding the Coronavirus outbreak to distribute malicious files that are disguised as leaflets or documents regarding the infamous virus. In many cases, these files might be caught as 'Worm.Python.Agent' by your anti-virus software.

Table of Contents

SpyHunter Detects & Remove Worm.Python.Agent

File System Details

Worm.Python.Agent may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	f01e5.exe	3217beecdd50219e106b039a4eb1f662	10
Name: f01e5.exe MD5: 3217beecdd50219e106b039a4eb1f662 Size: 23.79 MB (23796187 bytes) Detections: 10 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: January 16, 2023
2.	bot.exe	69bc8cc4a9e4e9e16674f13bf208fd0a	6
Name: bot.exe MD5: 69bc8cc4a9e4e9e16674f13bf208fd0a Size: 34.07 MB (34078130 bytes) Detections: 6 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: October 24, 2025
3.	tmp566A.tmpg r.exe	4f972d5956b43955b9a0b7f215da76d6	6
Name: tmp566A.tmpg r.exe MD5: 4f972d5956b43955b9a0b7f215da76d6 Size: 11.22 MB (11222699 bytes) Detections: 6 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: July 16, 2023
4.	Hhzge.exe	8cc695aede6f46df88287895f79a639f	5
Name: Hhzge.exe MD5: 8cc695aede6f46df88287895f79a639f Size: 11.22 MB (11222694 bytes) Detections: 5 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: July 16, 2023
5.	2eff39848b503cef5851c596a5ec669b68f1c1115063b8749fe11090c5e028e3.dll	7112a1006b204998a3587a4677c4478c	4
Name: 2eff39848b503cef5851c596a5ec669b68f1c1115063b8749fe11090c5e028e3.dll MD5: 7112a1006b204998a3587a4677c4478c Size: 16.97 MB (16978192 bytes) Detections: 4 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
6.	Synapse Cracker.exe	e6669644bd9ea8c3acdf7a429b0dfa00	4
Name: Synapse Cracker.exe MD5: e6669644bd9ea8c3acdf7a429b0dfa00 Size: 17.89 MB (17891977 bytes) Detections: 4 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: November 26, 2022
7.	DuckySploit.exe	0af7af82500defa27a94d10d26fe226f	3
Name: DuckySploit.exe MD5: 0af7af82500defa27a94d10d26fe226f Size: 21.17 MB (21170302 bytes) Detections: 3 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: November 26, 2022
8.	Nitro Gen +Checker.exe	3862cfed4cf0c1dcfff667101dd17490	3
Name: Nitro Gen +Checker.exe MD5: 3862cfed4cf0c1dcfff667101dd17490 Size: 10.22 MB (10222604 bytes) Detections: 3 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: November 26, 2022
9.	ff196.exe	4a5f3ba4130ab892c1fc4e724e5dbeef	3
Name: ff196.exe MD5: 4a5f3ba4130ab892c1fc4e724e5dbeef Size: 25.59 MB (25594007 bytes) Detections: 3 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: November 26, 2022
10.	02641de534a8ac83f24242bb589b9ecb769bd25235e6f345f05c340bcd7c2634.dll	49258619c1582a831ddc18aa30204cdd	2
Name: 02641de534a8ac83f24242bb589b9ecb769bd25235e6f345f05c340bcd7c2634.dll MD5: 49258619c1582a831ddc18aa30204cdd Size: 16.49 MB (16497664 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
11.	04a5238487b4ed9a00c14a7402c3a7390149310b64cfc743dab9d0329821e578.dll	f4eee3ad65b2b200e83007a2e4d298a3	2
Name: 04a5238487b4ed9a00c14a7402c3a7390149310b64cfc743dab9d0329821e578.dll MD5: f4eee3ad65b2b200e83007a2e4d298a3 Size: 17.6 MB (17608508 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
12.	04bf1b479f1b502b1e81ed92eca409140202856b15237d7e4e469f019b345e47.dll	e73f2038a303deb3d8f96726d50c94b8	2
Name: 04bf1b479f1b502b1e81ed92eca409140202856b15237d7e4e469f019b345e47.dll MD5: e73f2038a303deb3d8f96726d50c94b8 Size: 11.66 MB (11661762 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
13.	088da0e42b76740bd0bf7a3ada64268dab7d0df2ed9929296630f209d94e0da6.dll	b074d578e349fc86b5fb690e1e2b5499	2
Name: 088da0e42b76740bd0bf7a3ada64268dab7d0df2ed9929296630f209d94e0da6.dll MD5: b074d578e349fc86b5fb690e1e2b5499 Size: 29.81 MB (29811212 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
14.	08eab55c5eb9a73e8f6ffef03a4b1f4fc9a005bcc070d63fc59b1672e46e4de6.dll	5cdf921b29da7c868be25b2d246aa5d8	2
Name: 08eab55c5eb9a73e8f6ffef03a4b1f4fc9a005bcc070d63fc59b1672e46e4de6.dll MD5: 5cdf921b29da7c868be25b2d246aa5d8 Size: 17.4 MB (17409095 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
15.	0a86062ad4c2c16e5bab597ac0c6598f568017b9720bb57a14e3b2e1e26f4f5e.dll	f2d4b5b3d2a82451831bdb936239e3d1	2
Name: 0a86062ad4c2c16e5bab597ac0c6598f568017b9720bb57a14e3b2e1e26f4f5e.dll MD5: f2d4b5b3d2a82451831bdb936239e3d1 Size: 33.93 MB (33935270 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
16.	0bb0a2111b48afd9ee8186d9b5f81db91d8679d39df5edcf9d3cea6535237c2c.dll	0845da911143f54b864f0f70a7b503ec	2
Name: 0bb0a2111b48afd9ee8186d9b5f81db91d8679d39df5edcf9d3cea6535237c2c.dll MD5: 0845da911143f54b864f0f70a7b503ec Size: 16.92 MB (16920614 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
17.	1298daf4128053929fbc1c8fe7f536828c7e4b4ff97610a843d80de96e5e908c.dll	20266cdf32490816dd6d84993d43a70d	2
Name: 1298daf4128053929fbc1c8fe7f536828c7e4b4ff97610a843d80de96e5e908c.dll MD5: 20266cdf32490816dd6d84993d43a70d Size: 11.66 MB (11669384 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
18.	165776db86405be546ddca54fd8f61fd0b32835338f21450c59fb3bbfdb824dc.dll	0db6e0b4907f484211d54bb3456a190d	2
Name: 165776db86405be546ddca54fd8f61fd0b32835338f21450c59fb3bbfdb824dc.dll MD5: 0db6e0b4907f484211d54bb3456a190d Size: 19.27 MB (19276179 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
19.	1b10af44b46e160c29f5df9d18e20f4c652418c35df8dd8ddd44cb5fe266f5db.dll	2fa56b2ab4b789bef2916b0992e7a182	2
Name: 1b10af44b46e160c29f5df9d18e20f4c652418c35df8dd8ddd44cb5fe266f5db.dll MD5: 2fa56b2ab4b789bef2916b0992e7a182 Size: 16.96 MB (16965738 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
20.	209b3ddf6e54adc9166caeb01cdd4de55f125a9a74013db282521a790e113832.dll	1227d12c93bc6ddcb7cda61d30a6b0fc	2
Name: 209b3ddf6e54adc9166caeb01cdd4de55f125a9a74013db282521a790e113832.dll MD5: 1227d12c93bc6ddcb7cda61d30a6b0fc Size: 16.96 MB (16969102 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
21.	27eb2c8077ca04969145e1ac6009b43c9d7e8a985a6d6396cf995c33ca46b4b4.dll	18f00346487206e762ac1886a2821943	2
Name: 27eb2c8077ca04969145e1ac6009b43c9d7e8a985a6d6396cf995c33ca46b4b4.dll MD5: 18f00346487206e762ac1886a2821943 Size: 17.11 MB (17115043 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
22.	2c304604086bf262c0a347be06b29c79d3473994d19ba7b93fd4b1ff464c4b41.dll	20ed801f031508360ca4a82144d6ca37	2
Name: 2c304604086bf262c0a347be06b29c79d3473994d19ba7b93fd4b1ff464c4b41.dll MD5: 20ed801f031508360ca4a82144d6ca37 Size: 17.35 MB (17359460 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
23.	2c62b07467f44b41d4cc5d262f6ed5023865be49d5fc6397fff18ab989625cc8.dll	74fb74e601141fb26f8237b08eaf3436	2
Name: 2c62b07467f44b41d4cc5d262f6ed5023865be49d5fc6397fff18ab989625cc8.dll MD5: 74fb74e601141fb26f8237b08eaf3436 Size: 11.66 MB (11661751 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
24.	2ce25ce9423854ee62434c7d1c39c447b8275697a52a333d7faf7d29eaf7694f.dll	d048f0539a6533aaad45ba65e2c570e0	2
Name: 2ce25ce9423854ee62434c7d1c39c447b8275697a52a333d7faf7d29eaf7694f.dll MD5: d048f0539a6533aaad45ba65e2c570e0 Size: 16.79 MB (16796657 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
25.	2cf52f36e7955d6b91582886a0f3f57e6866fd9639156b3529fb7cf95833bdf8.dll	c23e48b9a1852c6b059939c68e46f80b	2
Name: 2cf52f36e7955d6b91582886a0f3f57e6866fd9639156b3529fb7cf95833bdf8.dll MD5: c23e48b9a1852c6b059939c68e46f80b Size: 11.74 MB (11746531 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
26.	2d66e6a62436980e9ca1c20a3328bd9443bff30c1973741b5fc2c405fd88610a.dll	d9f290f4e89190b22ea6acc518278705	2
Name: 2d66e6a62436980e9ca1c20a3328bd9443bff30c1973741b5fc2c405fd88610a.dll MD5: d9f290f4e89190b22ea6acc518278705 Size: 11.7 MB (11700077 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
27.	2e648818d565bbb6c7d75c8422e0585474ef8935e8a96d729d86c1185f626acf.dll	0dec91b7e1903084cd03994ac60379a4	2
Name: 2e648818d565bbb6c7d75c8422e0585474ef8935e8a96d729d86c1185f626acf.dll MD5: 0dec91b7e1903084cd03994ac60379a4 Size: 11.66 MB (11661765 bytes) Detections: 2 Type: Dynamic link library Group: Malware file Last Updated: October 24, 2025
28.	107785a5e4aec54be8a66d9a44073cef337b122acf581ba8ebfe1e3216628611.dll	c7f0b0343d3ef18d7b12230db3506069	0
Name: 107785a5e4aec54be8a66d9a44073cef337b122acf581ba8ebfe1e3216628611.dll MD5: c7f0b0343d3ef18d7b12230db3506069 Size: 330.08 MB (330080272 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: November 11, 2022

More files

Registry Details

Worm.Python.Agent may create the following registry entry or registry entries:

Regexp file mask

%HOMEDRIVE%\boots\syswin.exe

Analysis Report

General information

Family Name:	Worm.Python.Agent
Signature status:	No Signature

Known Samples

MD5: 883efe93e36fa83b43b181664e8a6bc4

SHA1: 4074e206bc137d0d4c9df4c438197dc7644d488b

File Size: 4.73 MB, 4730812 bytes

MD5: 03a96fc826a577d3f91786eab549669d

SHA1: 89dd2d09956dd182c73008ec22578c1d883a0365

SHA256: BBDEF45A796C11A657D766AD8A071943B33652B58FBE937E52716475050CB905

File Size: 2.53 MB, 2528051 bytes

MD5: 5bee25f4229f54c4fe7b435eb453cefa

SHA1: a3ec2f7814be9231953feab965612aef073d6787

SHA256: 8F51D16780140173D2CF9FBAA9329CA4AD10C01D71CAC2A0379B6AFAA5B412FB

File Size: 4.21 MB, 4210688 bytes

MD5: 9e200f616ea40d3b8ce111111e2cc9e3

SHA1: f30fc359b25ea1d1176f87e72c50faf6321c8318

SHA256: 4EFF71CA97C13F925E9F91F2C3F6EC67BB1EF97CE2EB934A1E593DD425F31FCE

File Size: 4.73 MB, 4730812 bytes

MD5: 0a8197f1c7cbac9ffe11fbb40943f40f

SHA1: 68c9c8a4ee49c63705eb0e418ab2c8afe5bd6374

SHA256: DD7654E55FC2317B4D4FB4C901A4C6C0D3486CC0F6C6CED5125C354F7035B267

File Size: 4.73 MB, 4734976 bytes

MD5: 84969cd1bd208c8178de50d579e45e10

SHA1: fd80ef796302d899da07c7c524425a0c97de12a5

SHA256: CDF885BC86849B4E6C91630D5641E9799CC7F34973CF363EEC6E12C8F309FB49

File Size: 7.80 MB, 7801449 bytes

MD5: 370a05c501647dd89b15a8a3e9094302

SHA1: 418addd9b0318e01bc0a30ea6740d38a7e9f5969

SHA256: 7A6EBC1EFE5FADE66108049E9824027096E0EE15F2915726D6782DC232A3428D

File Size: 4.73 MB, 4730812 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)

File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

File Traits

2+ executable sections
big overlay
HighEntropy
No Version Info
WinZip SFX
x86
ZIP (In Overlay)
ZIPinO

Files Modified

File	Attributes
c:\users\user\appdata\local\temp\_mei84962\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\libffi-8.dll	Generic Write,Read Attributes

c:\users\user\appdata\local\temp\_mei84962\libssl-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\python313.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei84962\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\libffi-8.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\libssl-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\python313.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei86722\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\libffi-8.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\libssl-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\python313.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei88562\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\libffi-8.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\libssl-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\python313.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei89682\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\libffi-8.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\libssl-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\python313.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\select.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\unicodedata.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei90282\vcruntime140.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_bz2.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_ctypes.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_decimal.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_hashlib.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_lzma.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_socket.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\_ssl.pyd	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\base_library.zip	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\libcrypto-3.dll	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\_mei91522\vcruntime140.dll	Generic Write,Read Attributes

Windows API Usage

Category	API
Syscall Use	ntdll.dll!NtAlpcConnectPort ntdll.dll!NtAlpcQueryInformation ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtClose ntdll.dll!NtCreateEvent ntdll.dll!NtDeviceIoControlFile ntdll.dll!NtDuplicateObject ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtOpenDirectoryObject ntdll.dll!NtOpenKey Show More ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenThreadToken ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryFullAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQuerySecurityAttributesToken ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtQueryWnfStateData ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetTimer2 ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWaitForWorkViaWorkerFactory ntdll.dll!NtWriteFile ntdll.dll!NtWriteVirtualMemory UNKNOWN win32u.dll!NtUserGetKeyboardLayout win32u.dll!NtUserGetThreadState
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess

Shell Command Execution


							c:\users\user\downloads\fd80ef796302d899da07c7c524425a0c97de12a5_0007801449 "c:\users\user\downloads\fd80ef796302d899da07c7c524425a0c97de12a5_0007801449"

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Worm.Python.Agent

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Worm.Python.Agent

File System Details

Registry Details

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

File Traits

Files Modified

Files Modified

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Trojan.Kryptik.JUD

Trojan.Tofsee.P

Panneyess.com

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen