Categories: Backdoor

About “Backdoor.WebShell” infection

The Backdoor.WebShell is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.WebShell virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Backdoor.WebShell?


File Info:
name: E1C50C9B74E392F04CA2.mlwpath: /opt/CAPEv2/storage/binaries/10b6fc8f9ae8a055617c3a2db3fe10c04e0d2170bbb1392e4e11fed5773618eccrc32: 8DCD0F79md5: e1c50c9b74e392f04ca257646df4e617sha1: b14fb13cb11bdee11fc601791e535cc635a039d2sha256: 10b6fc8f9ae8a055617c3a2db3fe10c04e0d2170bbb1392e4e11fed5773618ecsha512: ce2f5a2c31c5791332a930984f6eb1d0c2e5536d16ec6f4f8483024c9c4057481473117bd8b3476b2999d1f205f35746b653ec733c00141ee37ec93b77ab8d4fssdeep: 96:6cdfkAngBAXVjbVJyySs1AKAzMlB87Zzp+wtSj:6kXFljZJyps1TAzIB877vsjtype: PE32 executable (DLL) (GUI) Intel 80386, for MS Windowstlsh: T150C1E70BBB98CB3BC57F8B3AA6A2874717B5D5199613DB1E1CC4119C6C8371817B07E1sha3_384: 32f4c8cfbc4569d5069059eaeec86e0eb3a07fc5ed33d9f99b03b460683bc8d21273f595731feed47adebea0c0357077ep_bytes: ff250020001000000000000000000000timestamp: 2023-11-28 20:32:00
Version Info:
Translation: 0x0000 0x04b0FileDescription:  FileVersion: 0.0.0.0InternalName: App_Web_fs4w0tzc.dllLegalCopyright:  OriginalFilename: App_Web_fs4w0tzc.dllProductVersion: 0.0.0.0Assembly Version: 0.0.0.0

Backdoor.WebShell also known as:

Bkav	W32.AIDetectMalware.CS
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.104569
ClamAV	Win.Packed.Webshell-10016062-0
CAT-QuickHeal	Backdoor.WebShell
McAfee	GenericRXVF-WD!E1C50C9B74E3
Malwarebytes	Trojan.WebShell
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 005b19ee1 )
K7AntiVirus	Trojan ( 005b19ee1 )
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/Webshell.EV
APEX	Malicious
Emsisoft	Trojan.GenericKDZ.104569 (B)
F-Secure	Trojan.TR/Dropper.MSIL.Gen
DrWeb	BackDoor.WebshellNET.9
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Varist	W32/Trojan.IIE.gen!Eldorado
Avira	TR/Dropper.MSIL.Gen
Arcabit	Trojan.Generic.D19879
ZoneAlarm	HEUR:Backdoor.MSIL.WebShell.gen
Microsoft	Backdoor:MSIL/Webshell.BB!MTB
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5342975
TACHYON	Backdoor/W32.DN-WebShell.6144.K
DeepInstinct	MALICIOUS
Tencent	Backdoor.MSIL.WebShell.ki
Ikarus	Trojan.MSIL.Webshell
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Webshell.EE!tr
Panda	Trj/GdSda.A