Constructor:Win32/Bifrose.A

By JubileeX in Trojans

Threat Scorecard

Threat Level:	80 % (High)
Infected Computers:	89

First Seen:	May 20, 2011
Last Seen:	June 22, 2020
OS(es) Affected:	Windows

Constructor:Win32/Bifrose.A is a detection for a tool used by hackers to create variants of the Trojan Backdoor:Win32/Bifrose. Win32/Bifrose is a Trojan that connects to a remote IP address and enables remote access and control by the hacker. Constructor:Win32/Bifrose.A deletes important files and completely disables your computer system or network. Constructor.Win32.Bifrose.a does not use network resources to propagate, but can propagate through a network by attaching itself to other computer malware. Constructor:Win32/Bifrose.A can also help the hacker get remote access to any data collected on your computer, such as personal and financial information. Constructor:Win32/Bifrose.A may also use your computer to execute illegitimate botnet attacks. Constructor.Win32.Bifrose.a is a dangerous security risk to your PC system and it has to be removed immediately.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Fortinet	W32/Bifrose.NTC!tr
AhnLab-V3	Trojan/Win32.Bifrose
Antiy-AVL	Constructor/Win32.Bifrose.gen
TrendMicro	TROJ_GEN.RCBC1J8
DrWeb	Trojan.Fakealert.25680
Kaspersky	Constructor.Win32.Bifrose.abs
Avast	Win32:Bifrose-BN [Trj]
F-Prot	W32/Bifrost.I.gen!Eldorado
CAT-QuickHeal	Constructor.Bifrose.j.n7 (Not a Virus)
McAfee	Hiloti.gen.z
NOD32	a variant of Win32/Kryptik.NTD
Fortinet	W32/PackedHiloti.N!tr
Ikarus	Trojan.Win32.Hiloti
AhnLab-V3	Trojan/Win32.Hiloti
BitDefender	Gen:Variant.Hiloti.2

SpyHunter Detects & Remove Constructor:Win32/Bifrose.A

File System Details

Constructor:Win32/Bifrose.A may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	conhost.exe	f15dce5798b4a141e7742f5159ff5564	38
Name: conhost.exe MD5: f15dce5798b4a141e7742f5159ff5564 Size: 180.22 KB (180224 bytes) Detections: 38 Type: Executable File Path: %APPDATA%\Microsoft Group: Malware file Last Updated: May 23, 2011
2.	csrss.exe	88b350a00323b28a6eb626b4bf32d01f	18
Name: csrss.exe MD5: 88b350a00323b28a6eb626b4bf32d01f Size: 193.02 KB (193024 bytes) Detections: 18 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: May 26, 2011
3.	Bifrost Coffin Of Evil 1.2.1d.EXE	1fdb9a81d4b3654727d0c79fe3699aad	7
Name: Bifrost Coffin Of Evil 1.2.1d.EXE MD5: 1fdb9a81d4b3654727d0c79fe3699aad Size: 1.46 MB (1465344 bytes) Detections: 7 Type: Executable File Path: %USERPROFILE%\My Documents\Downloads\Compressed\Bifrost Coffin Of Evil 1.2.1d Group: Malware file Last Updated: June 22, 2020
4.	PDFIPCO.dll	0313a29ffdfe897f888704e3899d273c	4
Name: PDFIPCO.dll MD5: 0313a29ffdfe897f888704e3899d273c Size: 118.78 KB (118784 bytes) Detections: 4 Type: Dynamic link library Path: %LOCALAPPDATA% Group: Malware file Last Updated: June 13, 2011
5.	wipsol.dll	26489da32d69ae60cb95dba200264891	3
Name: wipsol.dll MD5: 26489da32d69ae60cb95dba200264891 Size: 90.11 KB (90112 bytes) Detections: 3 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: May 31, 2011
6.	conhost.exe	a3ee3ffe0176d921668e6a5a4ff8e570	3
Name: conhost.exe MD5: a3ee3ffe0176d921668e6a5a4ff8e570 Size: 176.64 KB (176640 bytes) Detections: 3 Type: Executable File Path: %SystemDrive%\Documents and Settings\HP_Administrateur\Application Data\Microsoft Group: Malware file Last Updated: May 31, 2011
7.	arpm.exe	de134eaad6c88fa97b16eb5bc8c1052e	2
Name: arpm.exe MD5: de134eaad6c88fa97b16eb5bc8c1052e Size: 93.69 KB (93696 bytes) Detections: 2 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: May 23, 2011
8.	stetit40.dll	c7989dbd7a7070d150a3b612d5b162fe	1
Name: stetit40.dll MD5: c7989dbd7a7070d150a3b612d5b162fe Size: 122.88 KB (122880 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: June 7, 2011
9.	mptri2.dll	25d64774898feb2111a657421c3be0e2	1
Name: mptri2.dll MD5: 25d64774898feb2111a657421c3be0e2 Size: 98.3 KB (98304 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: June 6, 2011
10.	suipl32.dll	7dcbd89b7dea0eb53aade6c2c16023af	1
Name: suipl32.dll MD5: 7dcbd89b7dea0eb53aade6c2c16023af Size: 131.07 KB (131072 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: June 13, 2011
11.	%Temp%\BibOu_2.exe
Name: %Temp%\BibOu_2.exe Type: Executable File Group: Malware file
12.	%Temp%\Bifrost Coffin Of Evil 1.2.1d.EXE
Name: %Temp%\Bifrost Coffin Of Evil 1.2.1d.EXE Type: Executable File Group: Malware file
13.	Bifrost.exe
Name: Bifrost.exe Type: Executable File Group: Malware file
14.	%ProgramFiles%\Bifrost\server.exe
Name: %ProgramFiles%\Bifrost\server.exe Type: Executable File Group: Malware file

Registry Details

Constructor:Win32/Bifrose.A may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost

HKEY_CURRENT_USER\Software\BIFROST1.2\DIALOG\0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9D71D88C-C598-4935-C5D1-43AA4DB90836}

HKEY_CURRENT_USER\Software\BIFROST1.2\DIALOG

HKEY_CURRENT_USER\Software\BIFROST1.2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo

HKEY_CURRENT_USER\Software\Bifrost

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Constructor:Win32/Bifrose.A

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Constructor:Win32/Bifrose.A

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen