Categories: Backdoor

How to remove “Backdoor:Win32/Ecltys.A”?

The Backdoor:Win32/Ecltys.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Ecltys.A virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Sample contains Overlay data
Presents an Authenticode digital signature
Possible date expiration check, exits too soon after checking local time
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Backdoor:Win32/Ecltys.A?


File Info:
name: 9F31B1BA424146AAB6F5.mlwpath: /opt/CAPEv2/storage/binaries/eda4dbc239f83c1d0c6dd781c106be1cea4c931ac687358437f78b900c22eef8crc32: BFC5EE38md5: 9f31b1ba424146aab6f54dd0d239d82fsha1: 87c90da2d3517091078e0a2385f87aa795baa34esha256: eda4dbc239f83c1d0c6dd781c106be1cea4c931ac687358437f78b900c22eef8sha512: 331ee5238e5eebda259fb26a7ba0de5438b1017baab0080da3ed39f4c34607ba6137e2562fea67d5a2702ef37b00f26b2b32ae369cc8c7c7964a898bad2ad88essdeep: 3072:ei4Vc398rKcVMpe59k2/7s+zK8Rf/xVxxcc57uVaUbEd:gVc3GKc9akzD5V0muw/type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T184048C21FA81C0B3C41B247104B9DB76AE7DB662176846C3B7941F7DAE113E19F3A24Esha3_384: 0d58cba5d6a97907ed463a4196cff9124363bdbea6f816d3c504916b2e2cca540e006a2a2e3acea6ed6938afd97bd75dep_bytes: e85d780000e9a4feffffcccccccc8b4ctimestamp: 2012-02-08 00:42:00
Version Info:
0: [No Data]

Backdoor:Win32/Ecltys.A also known as:

DrWeb	BackDoor.Siggen.45477
MicroWorld-eScan	Gen:Variant.Midie.77142
FireEye	Generic.mg.9f31b1ba424146aa
ALYac	Gen:Variant.Midie.77142
Cylance	Unsafe
VIPRE	Gen:Variant.Midie.77142
BitDefender	Gen:Variant.Midie.77142
Cybereason	malicious.a42414
Symantec	Trojan.Ecltys!gen1
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Agent.PME
ClamAV	Win.Malware.Ecltys-9802768-0
Kaspersky	Backdoor.Win32.Agent.dbcl
NANO-Antivirus	Trojan.Win32.Ecltys.fekwvi
Ad-Aware	Gen:Variant.Midie.77142
Zillya	Backdoor.Agent.Win32.44066
McAfee-GW-Edition	BackDoor-FAFS
Emsisoft	Gen:Variant.Midie.77142 (B)
Ikarus	Backdoor.Win32.Ecltys
Jiangmin	Backdoor/Agent.cwkd
Antiy-AVL	Trojan/Generic.ASMalwS.61
Microsoft	Backdoor:Win32/Ecltys.A
GData	Gen:Variant.Midie.77142
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Ecltys.C253331
McAfee	BackDoor-FAFS
MAX	malware (ai score=84)
VBA32	Backdoor.Agent
Malwarebytes	Malware.AI.1499352627
Panda	Trj/Zbot.S
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Generic.AP.9DC56!tr
AVG	Win32:BackdoorX-gen [Trj]
Avast	Win32:BackdoorX-gen [Trj]