Backdoor.Linux.Gafgyt.av removal guide

Backdoor.Linux.Gafgyt.av is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Backdoor.Linux.Gafgyt.av virus do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Reads data out of its own binary image
  • Uses Windows utilities for basic functionality
  • A potential decoy document was displayed to the user
  • Network activity detected but not expressed in API logs
  • Harvests information related to installed mail clients

How to identify Backdoor.Linux.Gafgyt.av?


File Info:

crc32: EA3B21DB
md5: c6999007e5c7efa19f2efaae85b35d68
name: upload_file
sha1: fcdab112019952855d9a1db4cd23967ea3803146
sha256: 7e238add4c7c47a87102765c42d47009ed19f7194973fc9517456a84e3951b35
sha512: e3a1381cc5724f7cf9f319d3e34803a1103c7b6428ea4595184636ab45bc7dae950135ea8b11d1db01ec3d02b7aa5c1654f7e36cabca378af673f692cfd85862
ssdeep: 1536:3QDi9NnIfPJavKdDT4hO3MivRW6lWCsD5hiGP8Wush9K90jUeQfXm:gSIddoU3MiRWlD5hipWuU9K90QeQfXm
type: ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, not stripped

Version Info:

0: [No Data]

Backdoor.Linux.Gafgyt.av also known as:

MicroWorld-eScan: Gen:Variant.Trojan.Linux.Gafgyt.5
FireEye: Gen:Variant.Trojan.Linux.Gafgyt.5
McAfee: Linux/Gafgyt.h
Sangfor: Malware
TrendMicro-HouseCall: Backdoor.Linux.BASHLITE.SMJC
Avast: ELF:Gafgyt-DZ [Trj]
ClamAV: Unix.Trojan.Gafgyt-6981154-0
GData: Linux.Trojan.Gafgyt.B
Kaspersky: HEUR:Backdoor.Linux.Gafgyt.av
BitDefender: Gen:Variant.Trojan.Linux.Gafgyt.5
Rising: Backdoor.Gafgyt!1.BB55 (CLASSIC)
Ad-Aware: Gen:Variant.Trojan.Linux.Gafgyt.5
Emsisoft: Gen:Variant.Trojan.Linux.Gafgyt.5 (B)
DrWeb: Linux.BackDoor.Fgt.199
TrendMicro: Backdoor.Linux.BASHLITE.SMJC
Sophos: Linux/DDoS-BI
Ikarus: Trojan.Linux.Gafgyt
Cyren: ELF/Gafgyt.C.gen!Camelot
Microsoft: DDoS:Linux/Lightaidra
Arcabit: Trojan.Trojan.Linux.Gafgyt.5
ZoneAlarm: HEUR:Backdoor.Linux.Gafgyt.av
Avast-Mobile: ELF:Gafgyt-EA [Trj]
AhnLab-V3: Linux/Gafgyt.Gen25
BitDefenderTheta: Gen:NN.Mirai.34144
ALYac: Gen:Variant.Trojan.Linux.Gafgyt.5
ESET-NOD32: a variant of Linux/Gafgyt.AMV
Tencent: Backdoor.Linux.Gafgyt.df
MAX: malware (ai score=88)
Fortinet: ELF/Gafgyt.QE!tr
AVG: ELF:Gafgyt-DZ [Trj]

How to remove Backdoor.Linux.Gafgyt.av?

Backdoor.Linux.Gafgyt.av removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
