Categories: Backdoor

How to remove “Backdoor.Win32.Agent.myufiy”?

The Backdoor.Win32.Agent.myufiy is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor.Win32.Agent.myufiy virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Presents an Authenticode digital signature
Possible date expiration check, exits too soon after checking local time
Dynamic (imported) function loading detected
Drops a binary and executes it
Unconventionial language used in binary resources: Icelandic
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Uses Windows utilities for basic functionality
Created a process from a suspicious location
Installs itself for autorun at Windows startup
Detects the presence of Windows Defender AV emulator via files
Anomalous binary characteristics

How to determine Backdoor.Win32.Agent.myufiy?


File Info:
name: A189C752B20F2BFA4DC9.mlwpath: /opt/CAPEv2/storage/binaries/1e9bb7bea72e503193f0f4dffea1aa002767e02b481f0667796c2272f7331c56crc32: 5A06C383md5: a189c752b20f2bfa4dc9f2184f896a5csha1: abeec4aa8dd65bac781ddc67809cc0a04025bdd7sha256: 1e9bb7bea72e503193f0f4dffea1aa002767e02b481f0667796c2272f7331c56sha512: 9b410c9eab2fb932a13356f72a918fd853fab41b2b5de9ad7dab8288f4c5535d544bfa20fff030ecfdb46176bacc26c0ec7a90058adf9de25d8534a24adc7cd5ssdeep: 12288:tkfQbYiI4RUv23pKZpIZNaUZZmZsE/DdWgbBaZ/+OFPRZrweG+sm39G/5myyFhzM:iTqO2Z2rWZmZsE59a9+OFpbCyFh52type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1AF259B2D69C280F1EF94467E4BB5C152062BECA9DBD41BC763C832FA1EA2D84553C1DEsha3_384: 204841333e863ab102f38f63bca10de92740b7a71d40a1e818deabadd641bb0f783ddd06b1882da091c1a3b1c5928893ep_bytes: e821060000e944fdffffcccccccccc3btimestamp: 2008-01-19 05:47:29
Version Info:
Comments: EZSignIt Code Signer by Chris Long 2008-2020.FileDescription: EZSignIt Code Signer by Chris Long 2008-2020.LegalCopyright: Copyright by Chris Long 2020. All rights reserved.ProductName: EZSignIt Code SignerFileVersion: 3.05ProductVersion: 3.05InternalName: EZSignItOriginalFilename: EZSignIt.exeTranslation: 0x0409 0x04b0

Backdoor.Win32.Agent.myufiy also known as:

Lionic	Trojan.Win32.Agent.m!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.37756541
FireEye	Trojan.GenericKD.37756541
McAfee	RDN/Generic BackDoor
Cylance	Unsafe
Sangfor	Backdoor.Win32.Agent.myufiy
K7AntiVirus	Trojan ( 00588b361 )
Alibaba	Packed:Win32/AVEvader.0f781b44
K7GW	Trojan ( 00588b361 )
Cyren	W32/Agent.DMM.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.CAB.AQ suspicious
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Generic-9918341-0
Kaspersky	Backdoor.Win32.Agent.myufiy
BitDefender	Trojan.GenericKD.37756541
Avast	Win32:Malware-gen
Emsisoft	Trojan.GenericKD.37756541 (B)
Comodo	ApplicUnwnt@#y7n0gk2ivhnq
Zillya	Backdoor.Agent.Win32.82365
TrendMicro	Backdoor.Win32.SABSIK.USASHJJ21
McAfee-GW-Edition	RDN/Generic BackDoor
Sophos	Mal/Generic-S
Webroot	W32.Adware.Gen
Avira	BDS/Agent.bnwqm
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
ViRobot	Trojan.Win32.Z.Agent.980768
GData	Trojan.GenericKD.37756541
Cynet	Malicious (score: 100)
AhnLab-V3	Infostealer/Win.CryptBot.R443737
ALYac	Trojan.GenericKD.37756541
MAX	malware (ai score=89)
Malwarebytes	Trojan.MalPack
TrendMicro-HouseCall	Backdoor.Win32.SABSIK.USASHJJ21
eGambit	PE.Heur.InvalidSig
Fortinet	Riskware/BackDoor
AVG	Win32:Malware-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_70% (W)
MaxSecure	Trojan.Malware.9530778.susgen