Should I remove “Fugrafa.103303”?

Many security experts consider Fugrafa.103303 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fugrafa.103303 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Fugrafa.103303?


File Info:

name: BC61C5350E4095AD1EA2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-01-21 20:01:30

Version Info:

CompanyName: IncDev Tech.
FileDescription: COM+ tools for AccessDB Package
FileVersion: 2.5.1.1
InternalName: comtools
LegalCopyright: Copyright (C) 2003-2012 - IncDev Tech.
OriginalFilename: comtools
ProductName: COM+ tools for AccessDB Package
ProductVersion: 2.5.1.1
Translation: 0x0009 0x04b0

Fugrafa.103303 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.103303
FireEye: Generic.mg.bc61c5350e4095ad
McAfee: Trojan-FKJR!BC61C5350E40
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.100913
Sangfor: Trojan.Win32.ZPACK.Gen4
K7AntiVirus: Spyware ( 0029a43a1 )
Alibaba: TrojanSpy:Win32/SScope.3ad649ad
K7GW: Spyware ( 0029a43a1 )
Cybereason: malicious.50e409
Arcabit: Trojan.Fugrafa.D19387
VirIT: Trojan.Win32.Panda.DOJ
Cyren: W32/Fareit.E.gen!Eldorado
Symantec: Trojan.Gen
ESET-NOD32: Win32/Spy.Zbot.AAO
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.103303
NANO-Antivirus: Trojan.Win32.Panda.bfqvsa
Avast: Win32:Malware-gen
Rising: Spyware.Zbot!8.16B (CLOUD)
Ad-Aware: Gen:Variant.Fugrafa.103303
Emsisoft: Gen:Variant.Fugrafa.103303 (B)
Comodo: Malware@#7f985wqtrkrc
DrWeb: Trojan.PWS.Panda.2401
VIPRE: Trojan.Win32.Reveton.a (v)
TrendMicro: TROJ_FRS.0NA103BL20
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Sophos: Mal/Generic-R + Mal/Ransom-AL
SentinelOne: Static AI – Suspicious PE
Jiangmin: TrojanSpy.Zbot.csnx
Webroot: W32.Malware.Gen
Avira: TR/Crypt.ZPACK.Gen4
Antiy-AVL: Trojan/Generic.ASMalwS.2096BC
Kingsoft: Win32.Troj.Zbot.ij.(kcloud)
Microsoft: PWS:Win32/Zbot
GData: Gen:Variant.Fugrafa.103303
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.R51091
Acronis: suspicious
VBA32: SScope.Trojan.FakeAV.01110
ALYac: Gen:Variant.Fugrafa.103303
MAX: malware (ai score=100)
TrendMicro-HouseCall: TROJ_FRS.0NA103BL20
Tencent: Win32.Trojan.Generic.Phgb
Yandex: Trojan.GenAsa!mY33mNYC/bw
Ikarus: Trojan-PWS.Win32.Zbot
Fortinet: W32/Zbot.ASM!tr
BitDefenderTheta: Gen:NN.ZexaF.34182.rq0@ae2gT0fk
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Fugrafa.103303?

Fugrafa.103303 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
