Categories: Backdoor

About “Backdoor.Bifrose.ZXE” infection

The Backdoor.Bifrose.ZXE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.Bifrose.ZXE virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
Reads data out of its own binary image
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the embedded win api malware family
Anomalous binary characteristics
Yara detections observed in process dumps, payloads or dropped files

How to determine Backdoor.Bifrose.ZXE?


File Info:
name: 058483A555C96CCF6C0B.mlwpath: /opt/CAPEv2/storage/binaries/c0ee7544d8ff96fd4e5a3c160bc27d899ce70ec202a15cd3062d74bfa742eb6dcrc32: 22EEF080md5: 058483a555c96ccf6c0b8acd4ab35f61sha1: 4c2408fc5fcd4b65d0e846414c4bff4f256bbe27sha256: c0ee7544d8ff96fd4e5a3c160bc27d899ce70ec202a15cd3062d74bfa742eb6dsha512: 1b5ddcc0fb9dbf95457aac749e70578a89e8dc6cd6ecb725ff18fba486bcfd35f307038951810945c9521278f1a2d5d20181943e24f60bc766b6ba780ddc911assdeep: 768:HevFIYm0on6HGavZRtQffoaFNnioeQpYG+ZeCdQzxBenxuUk/zFX9i4DEi/mwI0w:6cV6HGavqga0rESZ85Q4k0LvvHc22type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T17A43E18219CD57C4C0FF6FBC0A6B4E25224588E7CC0E1CBB5EA476486CB83E54EA159Esha3_384: 8f45ba1d8cb5047976eeaa422315ae8937c4e92bc230929921a5834552e00dda52ac6ece3d449535b4c9a6964865ba71ep_bytes: 558bec83ec4456ff15141040008bf08atimestamp: 2007-10-12 16:52:12
Version Info:
0: [No Data]

Backdoor.Bifrose.ZXE also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Bifrose.l61K
MicroWorld-eScan	Backdoor.Bifrose.ZXE
FireEye	Generic.mg.058483a555c96ccf
Skyhigh	BehavesLike.Win32.Backdoor.qc
McAfee	BackDoor-CEP.gen.g
Cylance	unsafe
Zillya	Backdoor.Bifrose.Win32.41901
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 004bc2ad1 )
Alibaba	Backdoor:Win32/Bifrose.a87d45d6
K7GW	Trojan ( 004bc2ad1 )
Cybereason	malicious.c5fcd4
BitDefenderTheta	AI:Packer.6E64B81F1F
VirIT	Trojan.Win32.Agent.CGC
Symantec	Backdoor.Bifrose
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Bifrose
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Backdoor.Bifrose.ZXE
NANO-Antivirus	Trojan.Win32.Bifrose.jddd
Avast	Win32:Bifrose-DQR [Trj]
Rising	Backdoor.Win32.Bifrose.fdk (CLASSIC)
TACHYON	Trojan/W32.Midgare.55629
Emsisoft	Backdoor.Bifrose.ZXE (B)
Baidu	Win32.Backdoor.Bifrose.ab
F-Secure	Backdoor.BDS/Bifrose.aleo
DrWeb	BackDoor.Bifrost.790
VIPRE	Backdoor.Bifrose.ZXE
TrendMicro	BKDR_BIFROSE.GAT
Trapmine	malicious.high.ml.score
Sophos	Troj/Bifrose-WC
Ikarus	Backdoor.Win32.Bifrose
Jiangmin	Backdoor/Agent.bahs
Webroot	W32.Bifrose.Gen
Varist	W32/Agent.CO.gen!Eldorado
Avira	BDS/Bifrose.aleo
Antiy-AVL	Trojan/Win32.Midgare
Kingsoft	Win32.Trojan.Generic.a
Microsoft	Backdoor:Win32/Bifrose.AE
Xcitium	Backdoor.Win32.Bifrost.~R@7oqs
Arcabit	Backdoor.Bifrose.ZXE
ViRobot	Backdoor.Win32.Bifrose.55629.D
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Backdoor.Bifrose.ZXE
Google	Detected
AhnLab-V3	Trojan/Win32.Bifrose.R28436
VBA32	Backdoor.Bifrose
ALYac	Backdoor.Bifrose.ZXE
MAX	malware (ai score=100)
Malwarebytes	Generic.Malware.AI.DDS
Panda	Generic Malware
TrendMicro-HouseCall	BKDR_BIFROSE.GAT
Tencent	Malware.Win32.Gencirc.13bc6185
Yandex	Trojan.Agent!9n21svaR0hw
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.790539.susgen
Fortinet	W32/Refroso.CEP!tr
AVG	Win32:Bifrose-DQR [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)