
What is “Backdoor:Linux/Gafgyt.cg!MTB”?


Backdoor:Linux/Gafgyt.cg!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Linux/Gafgyt.cg!MTB virus do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs

How to identify Backdoor:Linux/Gafgyt.cg!MTB?


File Info:

crc32: 7B89EE99
md5: b5e6e749331aae9c1bd23d7c6cb10d50
name: upload_file
sha1: f632a952cad97b8c706090e62590a466f2467d6c
sha256: f34076dbb195c25419ba258b8bf1f20371daee74dcf9f0ceb7c517ad07fe6b29
sha512: 706c613e8ad016802de4d0be5bd9b67d45b7a1f51c0c5180e83d4db691c7e3c5dfbec28bef7362f89f4f4b1068fd0395e52550fcf3c3f20dd72538540d38c259
ssdeep: 1536:d51P1I5s+hzXNM5ctDtdphlZenkqwpcmQWFqis/xOePri:p1IBzXN869XZenkbpcmQWFqiYxOuri
type: ELF 32-bit MSB executable, SPARC version 1 (SYSV), statically linked, not stripped

Version Info:

0: [No Data]

Backdoor:Linux/Gafgyt.cg!MTB also known as:

ClamAV: Unix.Trojan.Tsunami-6981155-0
FireEye: Gen:Variant.Trojan.Linux.Gafgyt.5
McAfee: GenericRXMF-EQ!B5E6E749331A
Cyren: E32/Gafgyt.D.gen!Camelot
TrendMicro-HouseCall: Backdoor.Linux.BASHLITE.SMJC10
Kaspersky: HEUR:Backdoor.Linux.Gafgyt.a
BitDefender: Gen:Variant.Trojan.Linux.Gafgyt.5
MicroWorld-eScan: Gen:Variant.Trojan.Linux.Gafgyt.5
Ad-Aware: Gen:Variant.Trojan.Linux.Gafgyt.5
Emsisoft: Gen:Variant.Trojan.Linux.Gafgyt.5 (B)
DrWeb: Linux.BackDoor.Fgt.1445
TrendMicro: Backdoor.Linux.BASHLITE.SMJC10
Ikarus: Trojan.Linux.Gafgyt
GData: Gen:Variant.Trojan.Linux.Gafgyt.5
Microsoft: Backdoor:Linux/Gafgyt.cg!MTB
Arcabit: Trojan.Trojan.Linux.Gafgyt.5
ZoneAlarm: HEUR:Backdoor.Linux.Gafgyt.a
AhnLab-V3: Linux/Gafgyt.Gen28
BitDefenderTheta: Gen:NN.Mirai.34298
ALYac: Gen:Variant.Trojan.Linux.Gafgyt.5
ESET-NOD32: a variant of Linux/Gafgyt.ARN
Rising: Backdoor.Gafgyt!8.56E (TFE:1A:ikoOjeRzYX)
MAX: malware (ai score=87)
Fortinet: ELF/Gafgyt.ARN!tr
AVG: ELF:Mirai-AYX [Trj]

How to remove Backdoor:Linux/Gafgyt.cg!MTB?

Backdoor:Linux/Gafgyt.cg!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
