Backdoor.Bifrose

By GoldSparrow in Backdoors

Backdoor.Bifrose Description

Backdoor.Bifrose (sometimes referred to as Bifrose) is a backdoor Trojan that provides an unauthorized user with remote access to, and in some cases complete control of, your system. Backdoor.Bifrose therefore places all personal data on the system at great risk of being stolen, while other files may be uploaded to, downloaded from and deleted from your hard drive. Computer security and stability may be further degraded, as Backdoor.Bifrose may download other malicious applications.

Type: Backdoors


Backdoor.Bifrose Technical Report

We will update this section as new Backdoor.Bifrose details are reported by our customers and by our Threat Research Center.

The following Backdoor.Bifrose files, with their MD5s, were created in the system:


Backdoor.Bifrose typically has the following processes in memory:

  • backdoor.bifrose.a.exe
  • ~565.exe
  • pxwma.dll
  • xvid-1.0.3-beta3-setup.exe
  • ap0.exe
  • system.dll
  • backdoor.bifrose.a_(319).exe
  • ap2.exe
  • msconf.exe
  • ccdrive32.exe

Backdoor.Bifrose creates the following registry entries:

  • HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runstartkey
  • HKEY_LOCAL_MACHINE\software\xvid
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xvid

This entry was posted on 08/13/07 and is filed under Backdoors.

Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.