What is “Backdoor.Win32.Agent.myublh”?

Backdoor.Win32.Agent.myublh is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Agent.myublh virus do?

  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • A process created a hidden window
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Backdoor.Win32.Agent.myublh?

File Info:

crc32: E13FED17
md5: 953bab77ba5754cf86438dbf01e26b47
name: 953BAB77BA5754CF86438DBF01E26B47.mlw
sha1: 6ffe8ce5cc89597452b02b1a7fd788f2e92fa5f6
sha256: 2710e8f6c6d2b15a1d561fc24c7d89cd1eff21c3c19ddef30f620a11b213629a
sha512: b117f21f33dab6655c01f3be4d79104644943832155c173e2c94b6d973263a12483c097cd6cb396f1421d7a58d0f85a264d1e1d52e5412569bfbf6eb46de7873
ssdeep: 24576:lRBkWuJT2C82Re4A547KFNaMwVJ7rr60zV5pThLwfyoTLt4XLMQjRLeCu4yX5fZb:lno2kc9Fch1f6ApThLxFbM+RJpwfJMM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © 2005-2015 Oleg N. Scherbakov
InternalName: 7ZSfxMod
FileVersion: 1.6.0.3574
CompanyName: Oleg N. Scherbakov
PrivateBuild: May 11, 2015
ProductName: 7-Zip SFX
ProductVersion: 1.6.0.3574
FileDescription: 7z Setup SFX (x86)
OriginalFilename: 7ZSfxMod_x86.exe
Translation: 0x0000 0x04b0

Backdoor.Win32.Agent.myublh also known as:

McAfee: Artemis!953BAB77BA57
Sangfor: Backdoor.Win32.Agent.ky
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Backdoor:Win32/Generic.3dfa1cb5
Symantec: ML.Attribute.HighConfidence
Avast: FileRepMalware
ClamAV: Win.Malware.Generic-9865508-0
Kaspersky: Backdoor.Win32.Agent.myublh
BitDefender: Trojan.GenericKD.36995246
MicroWorld-eScan: Trojan.GenericKD.36995246
Ad-Aware: Trojan.GenericKD.36995246
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.36995246
Emsisoft: Trojan.GenericKD.36995246 (B)
Jiangmin: Trojan.Injuke.ijw
eGambit: PE.Heur.InvalidSig
Microsoft: Trojan:Win32/Wacatac.B!ml
AegisLab: Trojan.Win32.Agent.m!c
GData: Trojan.GenericKD.36995246
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.3079512006
Panda: Trj/Agent.BER
Fortinet: W32/Agent.SFX!tr
AVG: FileRepMalware
Paloalto: generic.ml

How to remove Backdoor.Win32.Agent.myublh?

Backdoor.Win32.Agent.myublh removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
