Backdoor

Should I remove “Backdoor.Farfli.AH”?


Backdoor.Farfli.AH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What Backdoor.Farfli.AH virus can do?

  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor.Farfli.AH?

File Info:

name: B57F16D8DF1B1D6038B7.mlw
path: /opt/CAPEv2/storage/binaries/1942b7db010a2e97191bd89ba10c76a8a7ff15b008f7bf8011f1cba1a30ddfc0
crc32: 5232398D
md5: b57f16d8df1b1d6038b7f143875dde72
sha1: 36d8125af3a27d8afb8736e72160858e171e9aea
sha256: 1942b7db010a2e97191bd89ba10c76a8a7ff15b008f7bf8011f1cba1a30ddfc0
sha512: 2b72038e3052dbf638456e551941cf405b3c36fd0bc0b30613fd80fb83e024f8465005cece8daae13fe4312a12090c43f0be5f443ccd9e6b00107fec08a99047
ssdeep: 3072:Z9jXd5OYkqDMf5kmK+3A5uwkOBQyRa75dFTlq5YT4HoutU:xgVJf5kBCAbfEdFTQS4HoS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T186E3128286E217FFC458723A0BBCD0735B34D46D7142B2647BFE83772851922FA58979
sha3_384: 942bc8a77a3ecddd72a52ce206c4d00100ef228584f486be94daf5c142c22a9e57ea2fbd57b09772b8f5fcf679b680cc
ep_bytes: 60be000043008dbe0010fdff5789e58d
timestamp: 2008-03-03 03:26:57

Version Info:

0: [No Data]

Backdoor.Farfli.AH also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Hmir.kYQ9
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Backdoor.Farfli.AH
FireEye: Generic.mg.b57f16d8df1b1d60
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: Artemis!B57F16D8DF1B
Malwarebytes: Generic.Malware/Suspicious
Zillya: Downloader.RtkDL.Win32.2313
Sangfor: Trojan.Win32.Save.a
Alibaba: TrojanDownloader:Win32/RtkDL.082ea2cd
Paloalto: generic.ml
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/TrojanDownloader.QQHelper.NDW
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0CB224
Avast: Win32:DropperX-gen [Drp]
ClamAV: Win.Trojan.Agent-6833843-0
Kaspersky: Trojan-Downloader.Win32.Hmir.xut
BitDefender: Backdoor.Farfli.AH
NANO-Antivirus: Trojan.Win32.Hmir.biqlwq
Tencent: Win32.Trojan-Downloader.Hmir.Pjgl
Emsisoft: Backdoor.Farfli.AH (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.Inject1.4184
VIPRE: Backdoor.Farfli.AH
TrendMicro: TROJ_GEN.R002C0CB224
Trapmine: malicious.high.ml.score
Sophos: Mal/Behav-010
Ikarus: Trojan-Dropper.Farfli
Jiangmin: TrojanDownloader.Hmir.bcy
Webroot: W32.Suspicious.Heur
Google: Detected
Avira: TR/Dropper.Gen
Varist: W32/Farfly.B.gen!Eldorado
Antiy-AVL: Trojan[Downloader]/Win32.Hmir
Kingsoft: Win32.Troj.Undef.a
Microsoft: Trojan:Win32/DSSDetection
Xcitium: TrojWare.Win32.TrojanDownloader.Hmir.~JH14@1px3er
Arcabit: Backdoor.Farfli.AH
ZoneAlarm: Trojan-Downloader.Win32.Hmir.xut
GData: Backdoor.Farfli.AH
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Hmir.R7773
BitDefenderTheta: Gen:NN.ZexaF.36804.jmGfaOxUYQn
ALYac: Backdoor.Farfli.AH
VBA32: BScope.Malware-Cryptor.Pict.62314
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Dropper.Win32.Farfli.a (CLASSIC)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Hmir.AH!tr.dldr
AVG: Win32:DropperX-gen [Drp]
DeepInstinct: MALICIOUS
alibabacloud: Trojan[downloader]:Win/QQHelper.NDW

How to remove Backdoor.Farfli.AH?

Backdoor.Farfli.AH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
