Backdoor:Win32/Bifrose!mclg removal tips

Backdoor:Win32/Bifrose!mclg is flagged as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. If you see that, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial lets you run a full scan and clean your PC.
6-day free trial available.

What can Backdoor:Win32/Bifrose!mclg do?

The following points are the sandbox (CAPEv2) signatures this sample triggered. They describe how the file is built and how it behaved during analysis, not the full capability of the Bifrose backdoor family:

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump, dropped files or CAPE output
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Backdoor:Win32/Bifrose!mclg?

File Info:

name: 10C54D3592A3C2354F66.mlw
path: /opt/CAPEv2/storage/binaries/59db9c590b6808ae85d7f2787650ac4d47cfd14864e006f4660c0ac06b5ea7fd
crc32: 126C261D
md5: 10c54d3592a3c2354f66506bc74938f2
sha1: a64717f9ad15fec94e965e61a589e339edbed1e0
sha256: 59db9c590b6808ae85d7f2787650ac4d47cfd14864e006f4660c0ac06b5ea7fd
sha512: d6025b4194db82d316525a36813bc6fe18741c10e65648abe70d1b1b2056c0ba1c1ade2331d03c12344d6087c9a623c1948b8862009908a1331b4734e3317b64
ssdeep: 1536:c8j2m/qWuR1MOccuAoOJaRkHCHEbA1hqEY88zoe/lgCsflIZKd8:cjUtuRP5eDEbsEmOoOgCImKd8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EA73F1A6BF89A106F4BB2AF551B663E945B20E51CB61B47FC6E8412E3C3A5C056F4033
sha3_384: bfef09963640b7d9e0dc85af341cf8a6fe25caa8760243885a04dc296aaa7be90e1cc2288f1c86f89488841212b0e319
ep_bytes: 9c60e80200000033c08bc483c004938b
timestamp: 2011-04-26 01:41:25

Version Info:

CompanyName: Borges
FileDescription: Lucho
LegalCopyright: Sacalo
LegalTrademarks: Trapo
ProductName: Trapo
FileVersion: 4.05.0007
ProductVersion: 4.05.0007
InternalName: newssoft
OriginalFilename: Newsoft.exe
Translation: 0x0409 0x04b0
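The file info above gives a practitioner three kinds of handle on the sample: whole-file hashes (exact match only), the first 16 bytes at the entry point (ep_bytes, which survive a recompile of the payload but not a change of packer), and header facts such as the section names, link timestamp and Authenticode directory that drive the sandbox signatures listed earlier. The script below is an added example, not part of this page or of any GridinSoft tool: it reads just enough of the PE headers by hand (no pefile dependency) to recover those fields and compares them against the indicators copied from the report. The hash and ep_bytes constants are taken from the File Info section; `build_demo_pe`, the section name `cvtpwbck` and the `KNOWN_SECTIONS` list are constructed for the demo and are assumptions, not facts about the real sample.

```python
import hashlib
import struct
from datetime import datetime, timezone

# Indicators copied from the File Info section above.
IOC_MD5 = "10c54d3592a3c2354f66506bc74938f2"
IOC_SHA1 = "a64717f9ad15fec94e965e61a589e339edbed1e0"
IOC_SHA256 = "59db9c590b6808ae85d7f2787650ac4d47cfd14864e006f4660c0ac06b5ea7fd"
IOC_EP_BYTES = bytes.fromhex("9c60e80200000033c08bc483c004938b")  # pushfd; pushad; call $+7; xor eax,eax ...

# Section names a stock linker emits (assumed list); anything else is the "unknown PE section name" signal.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                  ".edata", ".tls", ".bss", ".CRT", ".pdata", ".textbss"}


def file_hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of the whole file, the same fields the sandbox report lists."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


def analyze(data: bytes) -> dict:
    """Parse just enough of the PE headers to recover ep_bytes, the link timestamp, the section
    names and the Authenticode directory, then compare the file against the report's IoCs."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PtrSymTab, NumSyms, SizeOfOptionalHeader, Characteristics
    _, nsec, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]        # 0x10B = PE32, 0x20B = PE32+
    ep_rva = struct.unpack_from("<I", data, opt_off + 16)[0]  # AddressOfEntryPoint
    # Data directory 4 (IMAGE_DIRECTORY_ENTRY_SECURITY) holds the Authenticode blob; size 0 means unsigned.
    dd_off = opt_off + (96 if magic == 0x10B else 112)
    sec_dir_size = struct.unpack_from("<II", data, dd_off + 4 * 8)[1]

    sections, ep_bytes = [], b""
    for i in range(nsec):
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, opt_off + opt_size + 40 * i)
        name = name.rstrip(b"\0").decode("latin-1")
        sections.append(name)
        if va <= ep_rva < va + max(vsize, raw_size):          # map the entry RVA to a file offset
            ep_bytes = data[raw_ptr + (ep_rva - va):raw_ptr + (ep_rva - va) + 16]

    hashes = file_hashes(data)
    return {
        **hashes,
        "pe32": magic == 0x10B,
        "compile_time": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": sections,
        "unknown_sections": [s for s in sections if s not in KNOWN_SECTIONS],
        "ep_bytes": ep_bytes.hex(),
        "has_authenticode": sec_dir_size > 0,
        "hash_match": (hashes["md5"], hashes["sha1"], hashes["sha256"]) == (IOC_MD5, IOC_SHA1, IOC_SHA256),
        "ep_match": ep_bytes == IOC_EP_BYTES,
    }


def build_demo_pe(ep_bytes: bytes, section_name: bytes, stamp: int = 1303782085) -> bytes:
    """Constructed toy PE32 (not the real sample): one section whose first bytes are ep_bytes,
    no Authenticode directory, TimeDateStamp defaulting to the report's 2011-04-26 01:41:25 UTC."""
    hdr_size, sec_va, sec_raw = 0x200, 0x1000, 0x200
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                              # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, stamp, 0, 0, 0xE0, 0x102)  # i386, 1 section, EXE
    opt = struct.pack("<HBBIIIIII", 0x10B, 6, 0, sec_raw, 0, 0, sec_va, sec_va, sec_va + sec_raw)
    opt += struct.pack("<IIIHHHHHHIIIIHHIIIIII", 0x400000, 0x1000, 0x200, 4, 0, 0, 0, 4, 0, 0,
                       sec_va + 0x1000, hdr_size, 0, 2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"\0" * (16 * 8)                                                         # 16 empty data directories
    sect = struct.pack("<8sIIIIIIHHI", section_name, sec_raw, sec_va, sec_raw, hdr_size, 0, 0, 0, 0, 0x60000020)
    headers = (dos + coff + opt + sect).ljust(hdr_size, b"\0")
    return headers + ep_bytes.ljust(sec_raw, b"\0")


if __name__ == "__main__":
    # "cvtpwbck" is a made-up packer section name used only to trigger the unknown-section flag.
    report = analyze(build_demo_pe(IOC_EP_BYTES, b"cvtpwbck"))
    for key, value in report.items():
        print(f"{key:>18}: {value}")
```

Run it against a real file with `analyze(open(path, "rb").read())`. Note what the demo shows: the toy file reproduces the entry-point stub, the link timestamp and the odd section name, yet none of the whole-file hashes match, which is exactly why a repacked build of the same backdoor slips past hash-only blocklists while the ep_bytes and section anomalies still flag it.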

Backdoor:Win32/Bifrose!mclg also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.VBKrypt.lniI
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.10c54d3592a3c235
McAfee: GenericRXAA-FA!10C54D3592A3
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic.pak!cobra
Sangfor: Backdoor.Win32.Bifrose.dvif
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Bifrose.4993f722
VirIT: Backdoor.Win32.Bifrost.BFBQ
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.VLN
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.Vbcheman-9837501-0
Kaspersky: Backdoor.Win32.Bifrose.dvif
BitDefender: Gen:Heur.ManBat.1
NANO-Antivirus: Trojan.Win32.Zbot.dsrtv
SUPERAntiSpyware: Trojan.Agent/Gen-Bifrose
MicroWorld-eScan: Gen:Heur.ManBat.1
Avast: Win32:Trojan-gen
Rising: Trojan.Win32.Generic.12C877C1 (C64:YzY0Op/X4EIJRK7R)
Ad-Aware: Gen:Heur.ManBat.1
Emsisoft: Gen:Heur.ManBat.1 (B)
Comodo: TrojWare.Win32.VB.DW@4qymt6
DrWeb: BackDoor.Bifrost.20998
Zillya: Backdoor.Bifrose.Win32.53539
TrendMicro: TROJ_GEN.R007C0GIG21
McAfee-GW-Edition: BehavesLike.Win32.Generic.lc
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Gen:Heur.ManBat.1
Jiangmin: TrojanSpy.Zbot.bcis
Webroot: W32.Malware.Gen
Avira: TR/Crypt.PEPM.Gen
MAX: malware (ai score=100)
ViRobot: Trojan.Win32.A.Zbot.73844
Microsoft: Backdoor:Win32/Bifrose!mclg
AhnLab-V3: Backdoor/Win32.Bifrose.R8781
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaE.34114.eu0@a0AU2Vfi
ALYac: Gen:Heur.ManBat.1
TACHYON: Trojan-Spy/W32.ZBot.73844
VBA32: Backdoor.Bifrose
Malwarebytes: Malware.AI.2908499923
Zoner: Probably Heur.ExeHeaderP
TrendMicro-HouseCall: TROJ_GEN.R007C0GIG21
Tencent: Malware.Win32.Gencirc.114d035c
Yandex: TrojanSpy.Zbot!ZpSKzZ/mXSU
Ikarus: Backdoor.Win32.Bifrose
MaxSecure: Trojan.Malware.2428624.susgen
Fortinet: W32/Zbot.BWKJ!tr.spy
AVG: Win32:Trojan-gen
Cybereason: malicious.592a3c
Panda: Generic Malware

How to remove Backdoor:Win32/Bifrose!mclg?

Backdoor:Win32/Bifrose!mclg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

Because this detection is classed as a backdoor, treat any passwords typed or stored on the machine while it was infected as exposed and change them after cleaning, preferably from a different device.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.