Should I remove “Backdoor:Linux/Gafgyt.A!MTB”?

Backdoor:Linux/Gafgyt.A!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Linux/Gafgyt.A!MTB virus do?

  • Injection (inter-process)
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • A potential decoy document was displayed to the user
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Backdoor:Linux/Gafgyt.A!MTB?

File Info:

crc32: C0AB0DD7
md5: 9f91d6a930b343d2afc55c9b4f9f978b
name: tmph6qa44mk
sha1: 158f764f326a245f9b31badfe25a936e464a3456
sha256: 081c77e171307525476d164d345e879854b9ef2db8a4b770b181959f41f4d973
sha512: e7730d64e6420d378f4ca36302a8e5447489cc60a57a8a04a410d1ad4217f4ba279a39b6856329a46f64902226159dedb1b33a9879968cc9d62e7b0d5b262527
ssdeep: 1536:raGl927ouDfCnLACvL3nm/MzmH62LGBJJJJJJJJJJJJJJ+BJJJJJJoJJdJHLa:Nk7ouDKLACjXmkiHd2JJJJJJJJJJJJJ
type: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped

Backdoor:Linux/Gafgyt.A!MTB is also known as:

DrWeb: Linux.Mirai.2052
ClamAV: Unix.Dropper.Mirai-7355719-0
FireEye: Gen:Variant.Trojan.Linux.Mirai.3
ALYac: Gen:Variant.Trojan.Linux.Mirai.3
Sangfor: Malware
BitDefenderTheta: Gen:NN.Mirai.34128
Symantec: Trojan.Gen.NPE
TrendMicro-HouseCall: Possible_MIRAI.SMLBO2
Avast: ELF:Mirai-AFD [Trj]
Cynet: Malicious (score: 85)
GData: Gen:Variant.Trojan.Linux.Mirai.3
Kaspersky: HEUR:Backdoor.Linux.Mirai.b
BitDefender: Gen:Variant.Trojan.Linux.Mirai.3
AegisLab: Trojan.Linux.Mirai.K!c
MicroWorld-eScan: Gen:Variant.Trojan.Linux.Mirai.3
Tencent: Backdoor.Linux.Mirai.wan
Ad-Aware: Gen:Variant.Trojan.Linux.Mirai.3
Sophos: Mal/Generic-S
F-Secure: Malware.LINUX/Mirai.enoeh
TrendMicro: Possible_MIRAI.SMLBO2
McAfee-GW-Edition: Lnx/Mirai-FEBN!9F91D6A930B3
Emsisoft: Gen:Variant.Trojan.Linux.Mirai.3 (B)
Cyren: E32/Trojan.FCFU-4
Jiangmin: Backdoor.Linux.emzk
Avira: LINUX/Mirai.enoeh
Antiy-AVL: Trojan[Backdoor]/Linux.Mirai.b
Microsoft: Backdoor:Linux/Gafgyt.A!MTB
Arcabit: Trojan.Trojan.Linux.Mirai.3
ZoneAlarm: HEUR:Backdoor.Linux.Mirai.b
Avast-Mobile: ELF:Agent-AGS [Trj]
McAfee: Lnx/Mirai-FEBN!9F91D6A930B3
MAX: malware (ai score=100)
ESET-NOD32: a variant of Linux/Mirai.MN
Rising: Backdoor.Mirai!8.E05B (TFE:14:q6qFbY49qMN)
SentinelOne: DFI – Malicious ELF
Fortinet: ELF/Mirai.AT!tr
AVG: ELF:Mirai-AFD [Trj]
Qihoo-360: Linux/Backdoor.6f4

How to remove Backdoor:Linux/Gafgyt.A!MTB?

Backdoor:Linux/Gafgyt.A!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
