What is “Trojan:Win32/Farfli.ASDI!MTB”?

Trojan:Win32/Farfli.ASDI!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Farfli.ASDI!MTB virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • The PE file contains a PDB path
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan:Win32/Farfli.ASDI!MTB?


File Info:

name: 2326B83D0702E498A72A.mlw
path: /opt/CAPEv2/storage/binaries/13ae15f8a6c49acacf1d5c03d37b1eb75e434ad1434eb9f9798760ec5bb4873d
crc32: A6088964
md5: 2326b83d0702e498a72a6f42ab312541
sha1: add784fbce39d52fd855b5900ae4f9fc89ed43d7
sha256: 13ae15f8a6c49acacf1d5c03d37b1eb75e434ad1434eb9f9798760ec5bb4873d
sha512: dcbb841f392778391df315a913d272df809a4fba037c88252f01b94759af70d03bc581e69cb384431f8fedfe4f922b934ed4b6f1f2c80b4b62eb667fbe57a17c
ssdeep: 24576:tzgkLJorINGHhvax4WwOAR++r+1UIMj7+yif8A6RbhMc:LLJorIN4k4/M+r+1Upj7+yifNA
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T154757B7BF13B4D46D272D279CC48B260A725ADF4E6F2C0CEB74936A755390D33811A2A
sha3_384: a61c66ccbfd1f04430d8623de44699fab6e2952dc8f2715d1c0a7425c700e7e88a1015e8f41bd9a85263c391780c6f91
ep_bytes: 558bec51c745fc01000000837d0c0075
timestamp: 2024-02-28 01:31:35

Version Info:

CompanyName: 360.cn
FileDescription: 360软件管家
FileVersion: 7, 5, 0, 2080
InternalName: SoftMgr
LegalCopyright: (C) 360.cn All Rights Reserved.
OriginalFilename: SoftMgr.exe
ProductName: 360软件管家
ProductVersion: 7, 5, 0, 2080
Translation: 0x0804 0x04b0

Trojan:Win32/Farfli.ASDI!MTB is also known as:

Vendor        Detection
Bkav          W32.AIDetectMalware
Elastic       malicious (high confidence)
Cynet         Malicious (score: 100)
Malwarebytes  Malware.AI.3077247116
CrowdStrike   win/malicious_confidence_100% (D)
Symantec      ML.Attribute.HighConfidence
APEX          Malicious
ClamAV        Win.Trojan.Ulise-9645830-0
Kaspersky     HEUR:Backdoor.Win32.Lotok.gen
FireEye       Generic.mg.2326b83d0702e498
Ikarus        Backdoor.Win32.Zegost
Microsoft     Trojan:Win32/Farfli.ASDI!MTB
ZoneAlarm     HEUR:Backdoor.Win32.Lotok.gen
Google        Detected
Rising        Trojan.Cyclun!8.125AE (TFE:6:4tXXf23fLiK)

How to remove Trojan:Win32/Farfli.ASDI!MTB?

Trojan:Win32/Farfli.ASDI!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
