BScope.Backdoor.Freak malicious file

Malware Removal

BScope.Backdoor.Freak is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.Backdoor.Freak virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify BScope.Backdoor.Freak?


File Info:

name: 8292AF80316A4E463138.mlw
path: /opt/CAPEv2/storage/binaries/b1da5bd1e0ab46f4df1f960e1576bf22024d34008004096056770875edd9a449
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: 60e803000000e9eb045d4555c3e80100
timestamp: 2005-07-07 17:09:33

Version Info:

CompanyName: Faronics Corporation
FileDescription: Server console to Deep Freeze 5 workstations
FileVersion: 5,50,220,1299
InternalName: DF5Console.exe
LegalCopyright: Copyright © 1999-2005 Faronics Corporation
OriginalFilename: DFConsole.exe
ProductName: Deep Freeze 5
ProductVersion: 5.50.220.1299
Translation: 0x0409 0x04e4

BScope.Backdoor.Freak also known as:

McAfee: Artemis!8292AF80316A
Malwarebytes: Malware.Heuristic.1004
APEX: Malicious
NANO-Antivirus: Trojan.Win32.Freak.ezbhwc
Avast: Win32:Malware-gen
DrWeb: BackDoor.Freak.124
McAfee-GW-Edition: BehavesLike.Win32.Downloader.vc
Ikarus: Backdoor.Freak
GData: Win32.Trojan.Agent.6GI8MC
Antiy-AVL: Trojan/Win32.Bitrep
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
VBA32: BScope.Backdoor.Freak
Yandex: Trojan.GenAsa!iRFSBXCBWlk
AVG: Win32:Malware-gen

How to remove BScope.Backdoor.Freak?

BScope.Backdoor.Freak removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
