What is “Backdoor.Win32.Xyligan.aqlp”?

Backdoor.Win32.Xyligan.aqlp is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Xyligan.aqlp virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Backdoor.Win32.Xyligan.aqlp?


File Info:

name: 3A6F11833A8DD4EFE91C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-12-05 22:50:58

Version Info:

0: [No Data]

Backdoor.Win32.Xyligan.aqlp also known as:

DrWeb: Trojan.DownLoader19.57785
MicroWorld-eScan: Trojan.GenericKD.47623033
FireEye: Trojan.GenericKD.47623033
Cylance: Unsafe
Zillya: Backdoor.Xyligan.Win32.4351
Alibaba: Backdoor:Win32/Xyligan.e74fd1d3
Cybereason: malicious.19168c
Avast: Win32:Malware-gen
Kaspersky: Backdoor.Win32.Xyligan.aqlp
BitDefender: Trojan.GenericKD.47623033
Ad-Aware: Trojan.GenericKD.47623033
Emsisoft: Trojan.GenericKD.47623033 (B)
Comodo: Malware@#74aymixavzwf
McAfee-GW-Edition: BehavesLike.Win32.Dropper.fh
Sophos: Generic Reputation PUA (PUA)
Paloalto: generic.ml
GData: Trojan.GenericKD.47623033
Antiy-AVL: Trojan/Generic.ASMalwNS.1BB
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!3A6F11833A8D
MAX: malware (ai score=86)
VBA32: Trojan.Downloader
APEX: Malicious
SentinelOne: Static AI – Malicious PE
AVG: Win32:Malware-gen

How to remove Backdoor.Win32.Xyligan.aqlp?

Backdoor.Win32.Xyligan.aqlp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.