Trojan-Spy.Win32.Zbot.aarix


Detection added: 18.10.2025 14:16:56 (GMT+2)
MD5: D85E171215051F5CA4C084149DAA6B0B
SHA1: E36956CED4D51505436330142DBFFBD53E8E09DE
Behavior: Trojan Program (Trojan Spy)
Just as the name suggests if a program logs your every keystroke, it is considered a key logger. They are designed to steal your passwords and other sensitive information. There are two types of key loggers. One sends the logs to the author via email. Another one is stored in your hard drive. The author however would need the access to your computer in order to view the log. The second program can be installed on public computers, so beware and do not perform any sensitive procedures in public.


Platform: This malware is the Portable Executable (PE) format (is a file format for executables, object code, DLLs, FON Font files, and others used in 32-bit and 64-bit versions of Windows operating systems).

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP, Windows Vista, Windows 7 (x86/x64), Windows 8 (x86/x64), Windows 10 (x86/x64), Windows 11 (x86/x64)


NOTE: The hash is only listed for the first detected malicious file. SHA/MD5 hash should not be intended as a security/antivirus solution, instead it provides you an additional information, allowing you to identify known malware files.
Learn more about:
 Latest threats
 Nicta Anti-Virus Engine (SDK)
 Anti-Malware Digital Patrol
 Anti-Virus Cloud Engine

Take the following steps to help prevent infection on your computer:
  • Use up-to-date antivirus software.
  • Get the latest updates for Operating system and your installed software.
  • Use strong passwords and password management software.
  • Use caution when opening attachments, accepting file transfers and clicking on links to webpages.