Backdoor.Bifrose.O

By CagedTech in Backdoors

Threat Scorecard

Popularity Rank:	26,325
Threat Level:	60 % (Medium)
Infected Computers:	1

First Seen:	March 7, 2023
Last Seen:	December 9, 2025
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Backdoor.Bifrose.O
Signature status:	No Signature

Known Samples

MD5: 2b8476c5edd67f755bc07d1944808a3c

SHA1: 37b216e98e943b1c478abce50bb655f81d6b56de

SHA256: 6B690E5B2678EB477883722FA7B00C428941C64909FB5CD47F2FB6E0C2C77BD3

File Size: 1.82 MB, 1822720 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Comments	Modified by an unpaid evaluation copy of Resource Tuner 2 (www.heaventools.com)
Company Name	Hanbitsoft corp.
File Description	Tantra Client
File Version	6, 9, 0, 6
Internal Name	HTLaunch
Legal Copyright	Copyright (c) - 2003 Hanbitsoft corp.
Original Filename	HTLaunch.exe
Product Name	Tantra Client
Product Version	1, 0, 0, 1

File Traits

imgui
RT
x86

Block Information

Total Blocks:	4,481
Potentially Malicious Blocks:	2,553
Whitelisted Blocks:	1,926
Unknown Blocks:	2

Visual Map

0 0 0 x x 0 0 0 x 0 0 x x x x x x 0 0 0 0 x x 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 0 0 0 0 x 0 0 x 0 0 x 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x 0 0 x x x x 0 0 0 0 0 x 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 x 0 0 x x x x 0 0 0 x x x 0 0 x x x x x x x 0 x x x x x x x x x 0 x x x 0 x x x x 0 x x 0 0 x x x 0 x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x 0 0 0 0 x x x 0 0 0 x x x x x x x x x 0 x x x x x x x x x 0 x x x x 0 0 x x x x x 0 0 0 x x x 0 0 x x x 0 x x x 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 x x x x x x x x x x x 0 x x x x x x x x x 0 x x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x x x x x x x 0 0 x x x x x x x x x 0 x x x x x x x x x 0 x 0 x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x 0 x x x x 0 0 x x x x x x x 0 x x 0 x x x x x x 0 x x x x x 0 x x 0 x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x ? x x x x x x x x x 0 0 0 x 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 x x x x x x x x x x x x x x x x x x 0 x x x x 0 0 0 0 0 x x 0 x 0 0 x x 0 0 0 0 0 0 0 x x 0 x x 0 0 x 0 0 0 0 0 x x 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x 0 x x x x 0 x x x x x x x x x x x x x x x x x x x 0 x 0 x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x 0 x x x 0 x x 0 x x x x 0 x x x x x 0 x x 0 x x x x 0 x x x x 0 x x x x x 0 x x x x x x 0 x 0 x x x x x x x x x 0 x x x x x 0 x x x x x 0 x x x x x x x x x x x x x 0 0 x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 0 x x 0 x x x x x x 0 x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x x x x x x x x x 0 x x x x x 0 x x x x x x x 0 x x x x x x x x x x 0 0 x x x x x 0 0 x x x x x 0 x x x x x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Bifrose.O

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Backdoor.Bifrose.O

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Submit Comment

Trending

Businesses Continue to Struggle With Social Network...

Ointended.pro

PUP.WiseFixer

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen