Categories: Backdoor

Backdoor:Win32/Bifrose.EY removal tips

The Backdoor:Win32/Bifrose.EY is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Bifrose.EY virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Backdoor:Win32/Bifrose.EY?


File Info:
name: 4C66D057D9C37B494427.mlwpath: /opt/CAPEv2/storage/binaries/3314d735c7da1447df0bb708e11689d5503c015489318ec73ea0fa8e817ad49ecrc32: 214323BDmd5: 4c66d057d9c37b4944277f749744bbd5sha1: 9c59d6f32ba5ae2442021ca1ce5f83e36e423bd2sha256: 3314d735c7da1447df0bb708e11689d5503c015489318ec73ea0fa8e817ad49esha512: 43aa2c26c63b9bb35f9e654f07e027a74add58a9ae1a1afad6c2de2090bcc9aa9712bcd0d7cd32805e56a4fd10b0397c7bd5adf88dfd98ea0077bea8719e030essdeep: 1536:ggpZhu/Z44Tqx4T/gK8gY0hDKvtI8jXubLW:/h6Z4cbZ8d0hDKvtI8jXuvWtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T15B53E115B348E418F7990CB1682AC7E90C17BD338709E88B76C77F4D2939ADA8D4365Bsha3_384: 1a060e8f12214761d6a8a8444b1cdf37e526a2723d89e2a426fa80b0191289a44b563fd1d37429f71e98d8e9bdac9e74ep_bytes: 555d6a0033c0909090508bece95bfefftimestamp: 2008-09-28 09:32:01
Version Info:
0: [No Data]

Backdoor:Win32/Bifrose.EY also known as:

tehtris	Generic.Malware
MicroWorld-eScan	Trojan.Dropper.TCL
FireEye	Generic.mg.4c66d057d9c37b49
McAfee	BackDoor-CEP.gen.y
Malwarebytes	Bladabindi.Backdoor.Bot.DDS
Zillya	Backdoor.Bifrose.Win32.79617
Sangfor	Suspicious.Win32.Save.ins
Alibaba	Backdoor:Win32/Bifrose.1d5e68da
Cybereason	malicious.7d9c37
BitDefenderTheta	AI:Packer.52CF10B61E
VirIT	Backdoor.Win32.Generic.DN
Cyren	W32/Bifrost.J.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Injector.DG
APEX	Malicious
ClamAV	Win.Trojan.Bifrose-9358
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.Dropper.TCL
NANO-Antivirus	Trojan.Win32.Bifrose.itjj
Avast	Win32:BackdoorX-gen [Trj]
Tencent	Malware.Win32.Gencirc.10b716ef
Emsisoft	Trojan.Dropper.TCL (B)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	BackDoor.Bifrost.818
VIPRE	Trojan.Dropper.TCL
TrendMicro	TROJ_CEEINJECT_000001c.TOMA
McAfee-GW-Edition	BackDoor-CEP.gen.y
SentinelOne	Static AI – Suspicious PE
GData	Trojan.Dropper.TCL
Jiangmin	Backdoor/Bifrose.kkt
Google	Detected
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan[Backdoor]/Win32.Bifrose
Xcitium	TrojWare.Win32.Trojan.XPack.~gen1@1rwlif
Arcabit	Trojan.Dropper.TCL
ViRobot	Backdoor.Win32.Bifrose.48559.D
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:Win32/Bifrose.EY
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Bifrose.R43529
Acronis	suspicious
VBA32	BScope.Backdoor.Bifrose
ALYac	Trojan.Dropper.TCL
MAX	malware (ai score=100)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_CEEINJECT_000001c.TOMA
Rising	Worm.Neeris!1.6595 (CLASSIC)
Yandex	Trojan.GenAsa!w7sfYE73cc8
Ikarus	Trojan-Downloader.Win32.Banload
Fortinet	W32/AutoRun.RKZ!worm
AVG	Win32:BackdoorX-gen [Trj]
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_100% (D)