
Backdoor:Win32/Bifrose!pz removal tips


Backdoor:Win32/Bifrose!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Bifrose!pz virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics

How to identify Backdoor:Win32/Bifrose!pz?

File Info:

name: DED56E50C1F35C048571.mlw
path: /opt/CAPEv2/storage/binaries/ad2290e789ea791c8a54eebda0858957526232e07934bfd848a790adee3075ed
crc32: 1289986D
md5: ded56e50c1f35c04857165afa00bb3c3
sha1: a5d639b7ca8248633f031be06778a9acdcebb486
sha256: ad2290e789ea791c8a54eebda0858957526232e07934bfd848a790adee3075ed
sha512: 365d3c96b52f0c2cb296dd4a19b270d56eb7559116e4df7822fd67e6b50131600845af4e8ab426912975b50754ece7d396076975bd8ca4d9f7a269b3369b8717
ssdeep: 384:CnVssa7qhNLCPEioSGSNTp3qjMnD/lAi9YRDHopc1gT4D:CneRSNLCXRT14MnD8lT1gT4D
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T175B2E641EAEB84F1DC2615F75CF6A6BEC3227830DE9C041B97A07CA97C36D211479A27
sha3_384: 1707a8d48c31bc055e672617ec5205bae8a912a9f0cbf6ff06fae707c367ecff885f34a8f9dda095db64ab79a7c7097d
ep_bytes: 5589e583fc18c7042402000000ff1510
timestamp: 2011-04-25 09:04:38

Version Info:

CompanyName: SS4AS@hotmail.com
FileDescription: Binder MOD By S@me7
FileVersion: v.1
InternalName: s@Me7
LegalCopyright: ســــامح
LegalTrademarks:
OriginalFilename:
ProductName: s@me7
ProductVersion: s@me7
Comments:
Translation: 0x0809 0x04e4

Backdoor:Win32/Bifrose!pz also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.27608
ClamAV: Win.Trojan.Agent-315789
FireEye: Generic.mg.ded56e50c1f35c04
CAT-QuickHeal: Trojan.Ceeinject.19813
Skyhigh: GenericR-FNM!DED56E50C1F3
McAfee: GenericR-FNM!DED56E50C1F3
Cylance: unsafe
Zillya: Backdoor.Bifrose.Win32.53834
Sangfor: Trojan.Win32.Injector.8
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: Trojan:Win32/Menti.71c8ecd2
K7GW: Trojan ( 002978c31 )
K7AntiVirus: Trojan ( 002978c31 )
BitDefenderTheta: Gen:NN.ZexaF.36680.by1@au3qndo
VirIT: Trojan.Win32.SHeur3.BWSX
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.GNC
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Menti.hicl
BitDefender: Gen:Variant.Fugrafa.27608
NANO-Antivirus: Trojan.Win32.Menti.covkmx
ViRobot: Trojan.Win32.A.Buzus.11264
Avast: Win32:Agent-AOZU [Trj]
Tencent: Malware.Win32.Gencirc.11494728
TACHYON: Trojan/W32.Menti.25116
Emsisoft: Gen:Variant.Fugrafa.27608 (B)
Baidu: Win32.Worm.Autorun.bm
F-Secure: Heuristic.HEUR/AGEN.1343348
DrWeb: BackDoor.Bifrost.21464
VIPRE: Gen:Variant.Fugrafa.27608
Ikarus: Trojan.Win32.Buzus
GData: Gen:Variant.Fugrafa.27608
Jiangmin: Trojan/Buzus.auyl
Webroot: W32.Backdoor.Gen
Avira: HEUR/AGEN.1343348
Antiy-AVL: Trojan/Win32.Menti
Kingsoft: Win32.Trojan.Menti.hicl
Xcitium: TrojWare.Win32.Inject.JRR@4qmc61
Arcabit: Trojan.Fugrafa.D6BD8
ZoneAlarm: Trojan.Win32.Menti.hicl
Microsoft: Backdoor:Win32/Bifrose!pz
Google: Detected
AhnLab-V3: Trojan/Win32.Buzus.R7894
ALYac: Gen:Variant.Fugrafa.27608
MAX: malware (ai score=99)
VBA32: Trojan.Menti
Malwarebytes: Malware.AI.3461187972
Panda: Generic Malware
Rising: Trojan.Bagsu!8.3B1 (CLOUD)
Yandex: Trojan.Inject!SmcePd9Ljn0
MaxSecure: Trojan.Malware.2471017.susgen
Fortinet: W32/Injector.KSK!tr
AVG: Win32:Agent-AOZU [Trj]
Cybereason: malicious.7ca824
DeepInstinct: MALICIOUS

How to remove Backdoor:Win32/Bifrose!pz?

Backdoor:Win32/Bifrose!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
