Backdoor:Win32/Pirpi.G!dha malicious file

Backdoor:Win32/Pirpi.G!dha is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor:Win32/Pirpi.G!dha virus do?

  • A file was accessed within the Public folder.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor:Win32/Pirpi.G!dha?


File Info:

name: 8849538EF1C347164023.mlw
path: /opt/CAPEv2/storage/binaries/854c6ba97b4bd01246ac6ef9258135d2337e6938676421131b6793abf339fa94
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-09-25 16:09:59

Version Info:

0: [No Data]

Backdoor:Win32/Pirpi.G!dha also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.lyzF
MicroWorld-eScan: Trojan.GenericKD.71440574
Skyhigh: RDN/Generic Dropper
McAfee: RDN/Generic Dropper
Cylance: unsafe
Zillya: Trojan.Inject.Win32.169961
Sangfor: Suspicious.Win32.Save.ins
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Pirpi.1de8db4c
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDropper.Agent.RKV
APEX: Malicious
TrendMicro-HouseCall: TROJ_INJECTOR.XXT
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Agent-6573609-0
Kaspersky: Trojan.Win32.Inject.sbfk
BitDefender: Trojan.GenericKD.71440574
NANO-Antivirus: Trojan.Win32.Pirpi.djgnij
Rising: Backdoor.Pirpi!8.169A (TFE:5:JEUcYV1o87S)
Emsisoft: Trojan.GenericKD.71440574 (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.DownLoader22.22804
VIPRE: Trojan.GenericKD.71440574
TrendMicro: TROJ_INJECTOR.XXT
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.8849538ef1c34716
Sophos: Troj/Agent-AKHW
Ikarus: Trojan.Win32.Inject
MAX: malware (ai score=100)
Jiangmin: Trojan/Inject.ayjg
Google: Detected
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[APT]/Win32.APT3
Microsoft: Backdoor:Win32/Pirpi.G!dha
Xcitium: Malware@#x9y8a6h2l1su
Arcabit: Trojan.Generic.D44218BE
ViRobot: Dropper.Agent.102400.T
ZoneAlarm: Trojan.Win32.Inject.sbfk
GData: Trojan.GenericKD.71440574
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.C642556
BitDefenderTheta: AI:Packer.71050AD71C
ALYac: Trojan.GenericKD.71440574
TACHYON: Trojan/W32.Inject.102400.BR
VBA32: BScope.Trojan.Inject
Malwarebytes: Malware.AI.4199146447
Panda: Trj/Chgt.N
Tencent: Malware.Win32.Gencirc.115d0d69
Yandex: Trojan.Inject!yG85b6UekHo
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.7788706.susgen
Fortinet: W32/Inject.SBFK!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
alibabacloud: Trojan[dropper]:Win/Inject.sbfk

How to remove Backdoor:Win32/Pirpi.G!dha?

Backdoor:Win32/Pirpi.G!dha removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
