Should I remove “Adware.Graftor.13285”?

Adware.Graftor.13285 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Adware.Graftor.13285 virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • CAPE detected the embedded pe malware family
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Adware.Graftor.13285?


File Info:

name: BBAB2AF82E11D19324D5.mlw
path: /opt/CAPEv2/storage/binaries/667d9d6e8fdf35e6554f30d9da5c04a471a36bde7c93e3da2af40f42bb6f0fc5
crc32: C176DC5E
md5: bbab2af82e11d19324d537fcfc7d2928
sha1: 0eb8938e3d7dd3505a395cfd7cef500d384de88a
sha256: 667d9d6e8fdf35e6554f30d9da5c04a471a36bde7c93e3da2af40f42bb6f0fc5
sha512: efb581a499493c2d6b92df29e938ac6c4d156fb7f9d797fac6c733a502b96f4780724fa4c952329d9e5d906d576e88b901b638ec73b1e568f0118b8e0557b542
ssdeep: 3072:nh8yUTqc1JZ3V9VceqMFHC+TOzdlXqkkRfNpC8Kj5iFTAuHUZ9mp:aycTFiugdl6kkR1pC1gX0Z9m
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15F24393D77A2C07ECC57203408E5A3B5ED6AAEA00B5555F3B7903BA95E352F2183528E
sha3_384: 7b1070f5ffc9a96944e510324f11b29f21200a14d7c26f01f8e43dc1e59428bc359abc55d9ce8edb45fa5e27cb74e32d
ep_bytes: e854710000e978feffff8bff558bec81
timestamp: 2010-12-30 21:43:55

Version Info:

0: [No Data]

Adware.Graftor.13285 also known as:

Bkav: W32.Common.912C3ABE
Lionic: Trojan.Win32.Regie.lmzX
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Adware.Graftor.13285
FireEye: Generic.mg.bbab2af82e11d193
Skyhigh: BehavesLike.Win32.NetLoader.dh
McAfee: Downloader-FBFT!BBAB2AF82E11
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Variant.Adware.Graftor.13285
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005385bd1 )
Alibaba: TrojanDownloader:Win32/Fosniw.76522548
K7GW: Trojan ( 005385bd1 )
CrowdStrike: win/malicious_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZexaF.36802.muW@aWsNmJgG
Symantec: W32.Palevo
ESET-NOD32: a variant of Win32/TrojanDownloader.Fosniw.AU
TrendMicro-HouseCall: TROJ_FOSNIW.SMIB
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Agent.gen
BitDefender: Gen:Variant.Adware.Graftor.13285
NANO-Antivirus: Riskware.Win32.IEKeyword.qoacm
Avast: Win32:Fosniw-M [Trj]
Tencent: Win32.AdWare.Agent.Sgil
Emsisoft: Gen:Variant.Adware.Graftor.13285 (B)
F-Secure: P2P-Worm:W32/Palevo.DT
DrWeb: Trojan.DownLoad2.19665
Zillya: Downloader.Fosniw.Win32.8949
TrendMicro: TROJ_FOSNIW.SMIB
Sophos: Troj/Fosniw-F
Ikarus: Trojan.Win32.Regie
Jiangmin: Trojan/Generic.csbc
Google: Detected
Avira: BDS/Backdoor.Gen2
Varist: W32/Fosniw.D.gen!Eldorado
Antiy-AVL: Trojan[Downloader]/Win32.Fosniw.au
Kingsoft: malware.kb.a.997
Microsoft: TrojanDownloader:Win32/Fosniw.C
Xcitium: TrojWare.Win32.Downloader.Fosniw.AL@2nisxt
Arcabit: Trojan.Adware.Graftor.D33E5
ViRobot: Trojan.Win32.Fosniw.Gen
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Agent.gen
GData: Gen:Variant.Adware.Graftor.13285
Cynet: Malicious (score: 99)
AhnLab-V3: Win-Trojan/Regie.Gen
VBA32: SScope.Trojan.Regie.ark
ALYac: Gen:Variant.Adware.Graftor.13285
MAX: malware (ai score=99)
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.DL.Win32.Fosniw.a (CLASSIC)
Yandex: Trojan.GenAsa!HcvbbIeEA5E
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Kryptik.ANY!tr
AVG: Win32:Fosniw-M [Trj]
Cybereason: malicious.82e11d
DeepInstinct: MALICIOUS
alibabacloud: Backdoor

How to remove Adware.Graftor.13285?

Adware.Graftor.13285 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
