
Application.Graftor.970901 (B) information


Application.Graftor.970901 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Graftor.970901 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Creates a copy of itself

How to identify Application.Graftor.970901 (B)?


File Info:

name: 6944368710E7E5C40C57.mlw
path: /opt/CAPEv2/storage/binaries/84d991864bbb3296b1eaf0a5a46e5fc59f7bcb7030d1667ec677e058b78d13ca
crc32: 66366986
md5: 6944368710e7e5c40c571fc0d75eddc5
sha1: 742df8e48acfb4616e98a0e35485c2cc2d44105e
sha256: 84d991864bbb3296b1eaf0a5a46e5fc59f7bcb7030d1667ec677e058b78d13ca
sha512: c761b70f61a9f484a150db7bf57a81742a29ab547582b02b7b66ee2ecbde65ac354ba805084d201573eae31680d4d667f58eef37289f0979deafd6bb5e040a9b
ssdeep: 12288:VlkEsgskEsvmykEsgfkEs0kEsNhwVFkEsMX0kEsT+OkEstkl:VOunQYMRAVusqP1kl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A3B4DF1257ED8228F1F62B709E7582B11A26BCBBF978C20C61856D5F7872E409D60F73
sha3_384: 35a0a347415b220b35c163b385105f42a36f00c7590d90e4b5b080d8f9adbd7f691abf53f3e80f77c0b698c2892e3cd7
ep_bytes: 558bec6aff6810b24600680a99460064
timestamp: 2021-06-25 03:52:13

Version Info:

CompanyName: SWE Sven Ritter
FileDescription: Squeez CommandLine
FileVersion: 19.10.9900
LegalCopyright: Copyright © 1993-2020 Sven Ritter. Alle Rechte vorbehalten.
OriginalFilename: sqc.exe
ProductName: SpeedCommander
ProductVersion: 19.10
Translation: 0x0407 0x04b0

Application.Graftor.970901 (B) also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Application.Graftor.970901
FireEye: Generic.mg.6944368710e7e5c4
ALYac: Gen:Variant.Application.Graftor.970901
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.3873185
Sangfor: Trojan.Win32.Kryptik.Vpi6
K7AntiVirus: Trojan ( 005822031 )
Alibaba: Trojan:Win32/Staser.05541598
K7GW: Trojan ( 005822031 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Trojan.Application.Graftor.DED095
Cyren: W32/Kryptik.EMG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HLMN
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Staser.gen
BitDefender: Gen:Variant.Application.Graftor.970901
Avast: Win32:CrypterX-gen [Trj]
Tencent: Trojan.Win32.Staser.za
Ad-Aware: Gen:Variant.Application.Graftor.970901
TACHYON: Trojan/W32.Staser.524288.C
Emsisoft: Gen:Variant.Application.Graftor.970901 (B)
DrWeb: Trojan.MulDrop11.28728
VIPRE: Gen:Variant.Application.Graftor.970901
TrendMicro: TROJ_GEN.R007C0PHH22
McAfee-GW-Edition: GenericRXPB-SU!6944368710E7
Trapmine: malicious.high.ml.score
Sophos: Generic PUA HE (PUA)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1244176
Antiy-AVL: Trojan/Generic.ASMalwS.50E8
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan.Win32.Staser.gen
GData: Win32.Trojan.PSE.3HRPE2
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R426052
Acronis: suspicious
McAfee: GenericRXPB-SU!6944368710E7
MAX: malware (ai score=70)
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R007C0PHH22
Rising: Trojan.Kryptik!1.D770 (CLASSIC)
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Malware.73802172.susgen
Fortinet: W32/Kryptik.HLMN!tr
BitDefenderTheta: Gen:NN.ZexaF.34606.Gy0@audMfCwi
AVG: Win32:CrypterX-gen [Trj]
Panda: Trj/GdSda.A

How to remove Application.Graftor.970901 (B)?

Application.Graftor.970901 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
