Trojan-Downloader.Win64.Farfli.dy (file analysis)

The Trojan-Downloader.Win64.Farfli.dy is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Downloader.Win64.Farfli.dy virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Anomalous binary characteristics

How to determine Trojan-Downloader.Win64.Farfli.dy?


File Info:
crc32: DD9C9973
md5: 4dcb80fa9a6f234c7eb0bb61685159cc
name: 4DCB80FA9A6F234C7EB0BB61685159CC.mlw
sha1: d220dcd88547de7f4f4f8db760d421caa1e57a7d
sha256: 4972342cc9ad7280b6cd6f3be2002c73823b33dee2c9ab81b3fb1f1f7545ca29
sha512: c3b6d64147a6289417c24a870b6421d5eab8dd910b0cd1e29c47679d18ab59f93ffb1575e76c582c6a7d98eec5b068f5520263aa9ff8d25eb5f74def53adff95
ssdeep: 12288:i+W4GX26LdqI8I3XTPaumKQCn5Y8F7hVZ/4Z511e6Di/qQ0GR:E4GX26LdqI8Elln5PF7hI511e6Di/ZJ
type: PE32+ executable (console) x86-64, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2008-2021 www.ludashi.com
InternalName: ludashi.rc
FileVersion: 6.1021.3195.928
CompanyName: x9c81x5927x5e08
ProductName: x9c81x5927x5e08
ProductVersion: 6.1021.3195.928
FileDescription: x9c81x5927x5e08
OriginalFilename: ComputerZ_CN.exe
Translation: 0x0804 0x04b0

Trojan-Downloader.Win64.Farfli.dy also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader43.55258
ALYac	Trojan.GenericKD.47305250
Avast	Win64:BackdoorX-gen [Trj]
Kaspersky	Trojan-Downloader.Win64.Farfli.dy
BitDefender	Trojan.GenericKD.47305250
MicroWorld-eScan	Trojan.GenericKD.47305250
Ad-Aware	Trojan.GenericKD.47305250
Sophos	Generic Reputation PUA (PUA)
McAfee-GW-Edition	BehavesLike.Win64.Worm.th
FireEye	Trojan.GenericKD.47305250
Emsisoft	Trojan.GenericKD.47305250 (B)
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Trojan.GenericKD.47305250
McAfee	Artemis!4DCB80FA9A6F
MAX	malware (ai score=81)
Rising	Downloader.Agent!1.D154 (CLASSIC)
Ikarus	Trojan-Downloader.Win64.Agent
Fortinet	W32/PossibleThreat
AVG	Win64:BackdoorX-gen [Trj]

How to remove Trojan-Downloader.Win64.Farfli.dy?

Trojan-Downloader.Win64.Farfli.dy removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X