About “BAT/Spy.FtpSend.M” infection

BAT/Spy.FtpSend.M is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the BAT/Spy.FtpSend.M virus do?

  • Reads data out of its own binary image
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify BAT/Spy.FtpSend.M?

File Info:

crc32: 1060A49F
md5: 72a23f63acede68e72af41fb849779c2
name: grafil.exe
sha1: e86e56c0b26b0faef38eea7e6fdb16bebc944f78
sha256: 79ce83777e8c71aca24a0306f53e2f180cf56fd30a0f4177294281e28322cc2b
sha512: 941ab21318c1d4848aaf5fe2c8aca75970b6620a0d6d5060a3686f26a59b3f439b98aa69b0409806055b12db6b1d202adba6e8ad101c29d6090c84d4435835bb
ssdeep: 6144:su2urzh9xu/Xkauf6XovbPST4YOQaLhELiRiG+DO6IOeZM5mqg2W2G8:sutrzh9xOXkiXovbGXOMLmilDO9ZM5my
type: PE32 executable (GUI) Intel 80386, for MS Windows, RAR self-extracting archive

Version Info:

0: [No Data]

BAT/Spy.FtpSend.M also known as:

MicroWorld-eScan: Trojan.GenericKD.32617812
FireEye: Trojan.GenericKD.32617812
McAfee: Artemis!72A23F63ACED
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic.pak!cobra
AegisLab: Trojan.BAT.Miner.4!c
Sangfor: Malware
K7AntiVirus: Spyware ( 0054452d1 )
BitDefender: Trojan.GenericKD.32617812
K7GW: Spyware ( 0054452d1 )
Cybereason: malicious.3acede
TrendMicro: TROJ_GEN.R002C0PCV20
Symantec: Trojan.Gen.MBT
APEX: Malicious
Avast: BV:Spy-Q [Trj]
GData: Script.Trojan.Agent.FS80QR
Kaspersky: HEUR:Trojan.BAT.Miner.gen
Alibaba: TrojanSpy:BAT/FtpSend.f8ff122b
NANO-Antivirus: Trojan.Win32.Miner.fzvbcc
Rising: Trojan.Bitrep!8.F596 (CLOUD)
Endgame: malicious (high confidence)
Sophos: Mal/Generic-S
Comodo: Malware@#la6sqzfs8geg
F-Secure: Malware.BAT/Spy.FtpSend.bldbf
DrWeb: Trojan.Ftpspy.9
Trapmine: malicious.moderate.ml.score
Emsisoft: Trojan.GenericKD.32617812 (B)
Cyren: W32/Trojan.JJIM-6953
Webroot: W32.Malware.Gen
Avira: BAT/Spy.FtpSend.bldbf
Antiy-AVL: Trojan/Win32.TSGeneric
Microsoft: Trojan:Win32/Tiggre!rfn
Arcabit: Trojan.Generic.D1F1B554
ZoneAlarm: HEUR:Trojan-Dropper.Win32.Miner.gen
Cynet: Malicious (score: 85)
ALYac: Trojan.GenericKD.32617812
MAX: malware (ai score=100)
Ad-Aware: Trojan.GenericKD.32617812
Malwarebytes: Trojan.Dropper.SFX
Panda: Trj/CI.A
ESET-NOD32: BAT/Spy.FtpSend.M
TrendMicro-HouseCall: TROJ_GEN.R002C0PCV20
Tencent: Bat.Trojan.Miner.Aheo
Yandex: Trojan.Agent!R9fUbeWXi2Q
Ikarus: Trojan.Bat.Spy
Fortinet: W32/Heuri.D
AVG: BV:Spy-Q [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_60% (W)
Qihoo-360: Generic/Trojan.89b

How to remove BAT/Spy.FtpSend.M?

BAT/Spy.FtpSend.M removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
