Backdoor:Win32/Farfli.AV

By Sumo3000 in Backdoors

Threat Scorecard

Threat Level:	60 % (Medium)
Infected Computers:	842

First Seen:	June 25, 2013
Last Seen:	August 28, 2022
OS(es) Affected:	Windows

Backdoor:Win32/Farfli.AV is a backdoor Trojan that enables a remote cybercriminal to obtain access and control to the corrupted PC. Backdoor:Win32/Farfli.AV can log keystrokes and steal an affected PC user's personal information. Backdoor:Win32/Farfli.AV can drop other malware infections on the infected computer system. Backdoor:Win32/Farfli.AV may steal the target PC user's personal information by recording his/her usernames and passwords. While being installed, Backdoor:Win32/Farfli.AV makes system modifications by adding malevolent files. Backdoor:Win32/Farfli.AV adds itself to the start menu to ensure it is executed automatically every time you start Windows. Backdoor:Win32/Farfli.AV creates a copy of itself as a malevolent file. Backdoor:Win32/Farfli.AV strives to connect to a distant server to receive commands. Backdoor:Win32/Farfli.AV alters system settings and runs or blocks programs.

Table of Contents

SpyHunter Detects & Remove Backdoor:Win32/Farfli.AV

File System Details

Backdoor:Win32/Farfli.AV may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	updata.exe	281e5275e39b6aa7997bd017f9ba8794	125
Name: updata.exe MD5: 281e5275e39b6aa7997bd017f9ba8794 Size: 282.62 KB (282624 bytes) Detections: 125 Type: Executable File Path: %SystemDrive% Group: Malware file Last Updated: July 27, 2017
2.	svchsot.exe	5a2417a1c607464051ec9e2c0bcad34e	62
Name: svchsot.exe MD5: 5a2417a1c607464051ec9e2c0bcad34e Size: 139.89 MB (139894507 bytes) Detections: 62 Type: Executable File Path: %WINDIR%\XXXXXX7B32C78F Group: Malware file Last Updated: April 27, 2017
3.	svchsot.exe	377e64bc752914e0c1cb5a223d0111f0	43
Name: svchsot.exe MD5: 377e64bc752914e0c1cb5a223d0111f0 Size: 200.7 KB (200704 bytes) Detections: 43 Type: Executable File Path: %WINDIR%\XXXXXXE640E383 Group: Malware file Last Updated: April 27, 2017
4.	svchsot.exe	bb2b345cf7534b94b8357273870be8c6	33
Name: svchsot.exe MD5: bb2b345cf7534b94b8357273870be8c6 Size: 536.65 KB (536650 bytes) Detections: 33 Type: Executable File Path: %USERPROFILE%\WINDOWS\XXXXXX494360EE Group: Malware file Last Updated: April 27, 2017
5.	svchsot.exe	c5d017bb110b1ea9f91d77cb8eae9376	31
Name: svchsot.exe MD5: c5d017bb110b1ea9f91d77cb8eae9376 Size: 844.8 KB (844800 bytes) Detections: 31 Type: Executable File Path: %USERPROFILE%\WINDOWS\718032F4 Group: Malware file Last Updated: April 27, 2017
6.	svchsot.exe	e79a87fba2dd859b02d9294495b92f13	31
Name: svchsot.exe MD5: e79a87fba2dd859b02d9294495b92f13 Size: 315.39 KB (315392 bytes) Detections: 31 Type: Executable File Path: %WINDIR%\XXXXXX579E5A5B VVVVVVrr2unw== Group: Malware file Last Updated: September 14, 2017
7.	svchsot.exe	9b12bf99b9dffdb3dbaead78fee77f30	27
Name: svchsot.exe MD5: 9b12bf99b9dffdb3dbaead78fee77f30 Size: 81.92 KB (81920 bytes) Detections: 27 Type: Executable File Path: %WINDIR%\96B5EEDF Group: Malware file Last Updated: April 27, 2017
8.	svchsot.exe	25c9e88240fde5cdb12ded7823e143ec	22
Name: svchsot.exe MD5: 25c9e88240fde5cdb12ded7823e143ec Size: 81.92 KB (81920 bytes) Detections: 22 Type: Executable File Path: %WINDIR%\B4F1E958 Group: Malware file Last Updated: April 27, 2017
9.	svchsot.exe	dfcb9a0fe689528644d8ec2fc79e0d8b	22
Name: svchsot.exe MD5: dfcb9a0fe689528644d8ec2fc79e0d8b Size: 307.2 KB (307200 bytes) Detections: 22 Type: Executable File Path: %WINDIR%\915B0A16 Group: Malware file Last Updated: April 27, 2017
10.	svchsot.exe	571986a42b3a764108ef3ae8b2cb6405	19
Name: svchsot.exe MD5: 571986a42b3a764108ef3ae8b2cb6405 Size: 196.6 KB (196608 bytes) Detections: 19 Type: Executable File Path: %WINDIR%\XXXXXXF21384CE Group: Malware file Last Updated: April 27, 2017
11.	svchsot.exe	8a6cf9822ba540ab2a53a969bf156525	14
Name: svchsot.exe MD5: 8a6cf9822ba540ab2a53a969bf156525 Size: 632.72 KB (632720 bytes) Detections: 14 Type: Executable File Path: %WINDIR%\XXXXXXAABF3161 Group: Malware file Last Updated: April 27, 2017
12.	svchsot.exe	91c2d318498c32a1283cf5ce750cf20f	14
Name: svchsot.exe MD5: 91c2d318498c32a1283cf5ce750cf20f Size: 196.6 KB (196608 bytes) Detections: 14 Type: Executable File Path: %WINDIR%\XXXXXX7F4689D0 Group: Malware file Last Updated: April 27, 2017
13.	svchsot.exe	ab41d5f5b66300231dc60b95d8bccda1	14
Name: svchsot.exe MD5: ab41d5f5b66300231dc60b95d8bccda1 Size: 196.6 KB (196608 bytes) Detections: 14 Type: Executable File Path: %WINDIR%\XXXXXX999DE06D Group: Malware file Last Updated: April 27, 2017
14.	svchsot.exe	cb5b3107a3fec86c7ac2df9069954d16	12
Name: svchsot.exe MD5: cb5b3107a3fec86c7ac2df9069954d16 Size: 196.6 KB (196608 bytes) Detections: 12 Type: Executable File Path: %WINDIR%\XXXXXX579E5A5B VVVVVVrr2unw== Group: Malware file Last Updated: April 27, 2017
15.	svchsot.exe	4f30e756d860060e55c9d24d3bfd130d	10
Name: svchsot.exe MD5: 4f30e756d860060e55c9d24d3bfd130d Size: 79.87 KB (79872 bytes) Detections: 10 Type: Executable File Path: %WINDIR%\489505AD Group: Malware file Last Updated: April 27, 2017
16.	svchsot.exe	9d028c89e3146abe86f02a96036bd764	10
Name: svchsot.exe MD5: 9d028c89e3146abe86f02a96036bd764 Size: 315 MB (315006961 bytes) Detections: 10 Type: Executable File Path: %WINDIR%\XXXXXX7B32C78F Group: Malware file Last Updated: April 27, 2017
17.	svchsot.exe	3138a12a00e63bbdb716ae5edbeeb329	10
Name: svchsot.exe MD5: 3138a12a00e63bbdb716ae5edbeeb329 Size: 210.14 MB (210149361 bytes) Detections: 10 Type: Executable File Path: %WINDIR%\XXXXXX7B32C78F Group: Malware file Last Updated: April 27, 2017
18.	Backdoor.A_variant.exe	f26a2bcc152d2ba697ad4508ea00959e	2
Name: Backdoor.A_variant.exe MD5: f26a2bcc152d2ba697ad4508ea00959e Size: 61.46 KB (61467 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 25, 2016
19.	file.exe	db10c94b48e4838b800d7a386b9836fc	1
Name: file.exe MD5: db10c94b48e4838b800d7a386b9836fc Size: 297.2 KB (297206 bytes) Detections: 1 Type: Executable File Group: Malware file Last Updated: March 6, 2020
20.	[start menu]\Programs\Startup\killmdx
Name: [start menu]\Programs\Startup\killmdx Group: Malware file
21.	file.exe	bffe4a9dff2bb714fdb748b1ad8ed146	0
Name: file.exe MD5: bffe4a9dff2bb714fdb748b1ad8ed146 Size: 292.64 KB (292643 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 5, 2016
22.	file.exe	3319ed9745bb92fe8e58e268165d13d7	0
Name: file.exe MD5: 3319ed9745bb92fe8e58e268165d13d7 Size: 167.95 KB (167950 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: November 20, 2016
23.	file.exe	109dd29814db94db205eddccc1e17c58	0
Name: file.exe MD5: 109dd29814db94db205eddccc1e17c58 Size: 322.07 KB (322070 bytes) Detections: 0 Type: Executable File Group: Malware file

Registry Details

Backdoor:Win32/Farfli.AV may create the following registry entry or registry entries:

Regexp file mask

%HOMEDRIVE%\updata.exe

%PROGRAMFILES%\Internet Explorer\test.exe

%WINDIR%\dsawe.EXE

%WINDIR%\terms.exe.exe

Directories

Backdoor:Win32/Farfli.AV may create the following directory or directories:

%PROGRAMFILES%\Microsoft Ogmgka

%PROGRAMFILES%\mysqldata

%PROGRAMFILES(x86)%\Microsoft Ogmgka

%PROGRAMFILES(x86)%\mysqldata

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Backdoor:Win32/Farfli.AV

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Backdoor:Win32/Farfli.AV

File System Details

Registry Details

Directories

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen