Backdoor

UDS:Backdoor.Win32.Blacknix removal

Malware Removal

The UDS:Backdoor.Win32.Blacknix is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What UDS:Backdoor.Win32.Blacknix virus can do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine UDS:Backdoor.Win32.Blacknix?


File Info:

name: 9E1ABE5E2B12170312E0.mlw
path: /opt/CAPEv2/storage/binaries/103798641592be08e9e12cfc5ca06ae5bab3c8dae43210dc0d615a86d41cdedf
crc32: E13C82AF
md5: 9e1abe5e2b12170312e05a0b2cf69fca
sha1: fe01540895bcc2479a639e229754b4c21aa78dd2
sha256: 103798641592be08e9e12cfc5ca06ae5bab3c8dae43210dc0d615a86d41cdedf
sha512: 0ff73fae85ddc912ae359e4ced0095f59be7d0c5e61f5d1f52106653748ead958d225503c4b7143ffbe64663e51c6ab8905e14a47702b003de0e6291850af26a
ssdeep: 49152:6UeOMAZE9zoYrkrkndJWDBdrnn1ugrA3wXgnqNDf0:6G5ZE9MYlndJWDr11SyDf0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14E85232039E1C536D5D39532CFCC6AE270E5E6098F3144B723D90A1E5E3E9DAC139B6A
sha3_384: 565383d45710406944218f3aa679facd4721133744065258137ad87ec0eb074e1e481552bc5bd2ead1ec5b5127d3094c
ep_bytes: 558bec6aff68201e4200685cd2410064
timestamp: 2010-11-18 16:27:33

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z SFX
FileVersion: 9.20
InternalName: 7z.sfx
LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
OriginalFilename: 7z.sfx.exe
ProductName: 7-Zip
ProductVersion: 9.20
Translation: 0x0409 0x04b0

UDS:Backdoor.Win32.Blacknix also known as:

SkyhighBehavesLike.Win32.BadFile.tc
ALYacBackdoor.Agent.BlackNix
SangforBackdoor.Win32.Blacknix.Vmmn
SymantecTrojan.Gen.MBT
TrendMicro-HouseCallTROJ_GEN.R002H07FR23
KasperskyUDS:Backdoor.Win32.Blacknix.gen
GoogleDetected
SophosGeneric Reputation PUA (PUA)
VaristW32/Delf.gen!Eldorado
ZoneAlarmHEUR:Backdoor.Win32.Blacknix.gen
MicrosoftPUA:Win32/Presenoker
McAfeeArtemis!9E1ABE5E2B12
VBA32Backdoor.Blacknix
Cylanceunsafe
RisingBackdoor.Blacknix!8.115BE (CLOUD)
FortinetW32/Blacknix!tr.bdr
DeepInstinctMALICIOUS

How to remove UDS:Backdoor.Win32.Blacknix?

UDS:Backdoor.Win32.Blacknix removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment