Application.Graftor.970901 removal instruction

Many security experts consider Application.Graftor.970901 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Graftor.970901 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Creates a copy of itself

How to identify Application.Graftor.970901?


File Info:

name: BC600A9A242D82DD7D0B.mlw
path: /opt/CAPEv2/storage/binaries/c3c3098d526808dfca983cae1285d9627809cf24ddae1bf7143d460a879b6849
crc32: 6BF25A22
md5: bc600a9a242d82dd7d0bcb3534a4ee15
sha1: bd439e4de3d4e0f2f99d9e3e5e2c0445b0f5152b
sha256: c3c3098d526808dfca983cae1285d9627809cf24ddae1bf7143d460a879b6849
sha512: 37b5f8da561c276785664d0849ab938f3a8d3bc2f884bff955180ebecfe25a85a4c241c4bc475edb18d58c249e70bc9c94f1bdfd3be1259fa5342ccb528ace0d
ssdeep: 12288:IkEsxkEs4/kEscQvkEs/GHkEsw4O7kEs859fxkEsAPBTkEs2lBn:FaAsfcnGE44nas+BYul
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10AB4CF1257FD8218F0B62B759F7582B06B277CEAE978820CA1856D4F7872E409D60F73
sha3_384: ef467a5986f68349badeae1a90354ef1fa8d1cd7688273c8573b5bcd7727ff91aa5498caacef8fb0827ea99bd7860259
ep_bytes: 558bec6aff6810b24600680a99460064
timestamp: 2021-06-25 02:29:11

Version Info:

CompanyName: SWE Sven Ritter
FileDescription: Squeez CommandLine
FileVersion: 19.10.9900
LegalCopyright: Copyright © 1993-2020 Sven Ritter. Alle Rechte vorbehalten.
OriginalFilename: sqc.exe
ProductName: SpeedCommander
ProductVersion: 19.10
Translation: 0x0407 0x04b0

Application.Graftor.970901 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Staser.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Application.Graftor.970901
FireEye: Generic.mg.bc600a9a242d82dd
ALYac: Gen:Variant.Application.Graftor.970901
Cylance: Unsafe
Sangfor: Trojan.Win32.Staser.gen
Alibaba: Trojan:Win32/Kryptik.19cf7dc8
K7GW: Hacktool ( 700007861 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Trojan.Application.Graftor.DED095
Cyren: W32/Kryptik.EMG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.HLMN
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Staser.gen
BitDefender: Gen:Variant.Application.Graftor.970901
SUPERAntiSpyware: Trojan.Agent/Gen-Jaik
Avast: Win32:CrypterX-gen [Trj]
Tencent: Win32.Trojan.Staser.Phga
Ad-Aware: Gen:Variant.Application.Graftor.970901
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1244176
DrWeb: Trojan.MulDrop11.28728
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Emsisoft: Gen:Variant.Application.Graftor.970901 (B)
Ikarus: Trojan.Win32.Crypt
Avira: HEUR/AGEN.1244176
MAX: malware (ai score=78)
Antiy-AVL: Trojan/Win32.Staser
Microsoft: PWS:Win32/Zbot!ml
ViRobot: Trojan.Win32.Z.Kryptik.528384.MO
ZoneAlarm: HEUR:Trojan.Win32.Staser.gen
GData: Win32.Trojan.PSE.3HRPE2
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R426052
Acronis: suspicious
McAfee: GenericRXPB-SU!BC600A9A242D
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R002C0PE722
Rising: Backdoor.TeviRat!8.1089E (TFE:dGZlOgHZ4aEKKZ9WJw)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Kryptik.HLMN!tr
BitDefenderTheta: Gen:NN.ZexaF.34638.Gy0@a4tlF1ui
AVG: Win32:CrypterX-gen [Trj]
Panda: Trj/Genetic.gen

How to remove Application.Graftor.970901?

Application.Graftor.970901 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
