Categories: Backdoor

Backdoor.LuminosityLink.Generic (file analysis)

The Backdoor.LuminosityLink.Generic is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.LuminosityLink.Generic virus can do?

Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Expresses interest in specific running processes
Reads data out of its own binary image
Uses Windows utilities for basic functionality
Executed a process and injected code into it, probably while unpacking
Sniffs keystrokes
Installs itself for autorun at Windows startup
Creates a hidden or system file
Creates a copy of itself
Generates some ICMP traffic

Related domains:

tinbieber.duckdns.org

How to determine Backdoor.LuminosityLink.Generic?


File Info:
crc32: A43EA71Dmd5: 8c3b8b9abe27156a2634bdbdd8100000name: 8C3B8B9ABE27156A2634BDBDD8100000.mlwsha1: 481417981e7c0cb60608e114df633690330fd389sha256: 00451a65a9e5bbfeaebfd8b5fcc6d48260447e3069a00fa39089eab455db58d9sha512: 935d2bd8e1e47da7a46452f9f1d9df5a623093de863a5a4966fbe5fc08b04554eba5532c9a28deaf6d2a1897b191a0c351f61bfae3d3949e29357d0129a6d410ssdeep: 24576:x4lavt0LkLL9IMixoEgeaHQ9gSq60q9MmCS:Akwkn9IMHeaHQ98baPCStype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
Translation: 0x0809 0x04b0

Backdoor.LuminosityLink.Generic also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 700000111 )
Lionic	Trojan.MSIL.Bladabindi.4!c
DrWeb	Trojan.DownLoad4.9768
MicroWorld-eScan	AIT:Trojan.Nymeria.279
CAT-QuickHeal	TrojanDnldr.Autoit.Lepoh.ZZ
ALYac	AIT:Trojan.Nymeria.279
Malwarebytes	Backdoor.LuminosityLink.Generic
CrowdStrike	win/malicious_confidence_90% (D)
Alibaba	Backdoor:MSIL/Bladabindi.048ff29f
K7GW	Trojan ( 700000111 )
Cybereason	malicious.abe271
Cyren	W32/Faker.E.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win32/Injector.Autoit.DGL
APEX	Malicious
Avast	FileRepMalware
Cynet	Malicious (score: 100)
Kaspersky	Backdoor.MSIL.Bladabindi.aoqk
BitDefender	AIT:Trojan.Nymeria.279
NANO-Antivirus	Trojan.Win32.Bladabindi.ezeumz
Tencent	Msil.Backdoor.Bladabindi.Ebhb
Ad-Aware	AIT:Trojan.Nymeria.279
Sophos	Mal/Generic-S
Comodo	Malware@#22zm209udkjtw
BitDefenderTheta	AI:Packer.5D31EBE116
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_HPUTOTI.SMQ
McAfee-GW-Edition	BehavesLike.Win32.Ursnif.th
FireEye	Generic.mg.8c3b8b9abe27156a
Emsisoft	AIT:Trojan.Nymeria.279 (B)
Avira	DR/AutoIt.Gen8
eGambit	Unsafe.AI_Score_80%
GData	AIT:Trojan.Nymeria.279 (2x)
McAfee	Packed-FBI!8C3B8B9ABE27
MAX	malware (ai score=98)
VBA32	Backdoor.MSIL.Bladabindi
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_HPUTOTI.SMQ
Ikarus	Trojan.Win32.Injector
Fortinet	AutoIt/Injector.EFC!tr
AVG	FileRepMalware
Paloalto	generic.ml