
Fugrafa.138501 removal instruction

Malware Removal

Fugrafa.138501 is the generic detection name (Gen:Variant.Fugrafa.138501) that the BitDefender engine, and the vendors licensing it, assign to this sample; most other engines classify it as adware or a potentially unwanted application from the Softcnapp family rather than a classic virus. When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing malware manually can take hours and may damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial lets you run a full scan and clean your PC.
A 6-day free trial is available.

What can Fugrafa.138501 do?

The behaviours below are the automated signature hits from the CAPEv2 sandbox run of the sample (the storage path under File Info is a CAPEv2 binaries directory). They record what one detonation triggered, so treat them as indicators to check for rather than a verified feature list; the anti-debugging, delay and disk-query signatures in particular are as consistent with packer or evasion code as with the payload itself.

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Queries information on disks, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Fugrafa.138501?

File Info:

name: B12BF1A840E1AD467C96.mlw
path: /opt/CAPEv2/storage/binaries/2d235542fe82b7b34c3e6b1a3d0b4696f3e1b68a0c25fb29a6fffe8395bffbf7
crc32: 48429B1C
md5: b12bf1a840e1ad467c96d35b4057c5e4
sha1: 2a63d79d9646cb70178e55e959525b3e53295be0
sha256: 2d235542fe82b7b34c3e6b1a3d0b4696f3e1b68a0c25fb29a6fffe8395bffbf7
sha512: 1020ebcd9ce5787b78ecee76ee4218891521dc8e8520bae33ca2bc067e53f3fabf5ce8a078cbe5305d040e96c8521cf6c15e7a6e18588520ea19b129bdcfa768
ssdeep: 49152:lEd02vqJG+Hlf6Aj41PxxxazOOT4dHpE0uj7trUR9ZR28ztZ1YAGdGUJtiwYKkea:U02vQG+ln4bxxaqO8JOoRvR28ztZ1RG0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B6C5BF26BB4D90B2D5721030B71DE76715A874321B6A50C7F3C0AF2E69E06D2FA39E47
sha3_384: 770b942f636c9bf706d41c0e96e8f0bb76001f05c3a7275de78bdffaae1e3338cd2140f2fc2475d45e18805b953cdb3b
ep_bytes: e87e040000e980feffff558bec5156ff
timestamp: 2018-08-14 00:30:31
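A quick way to check whether a file you have on disk is this sample is to recompute the digests from the File Info block and compare them, and to pull the same PE header fields CAPE reports (compile timestamp, the 16 entry-point bytes, and whether an Authenticode certificate table is attached at all). The script below is an added example written for this page, not GridinSoft's or CAPE's own code; the indicator values are copied from File Info above, `build_test_pe` constructs a synthetic PE32 purely for self-testing, and the parser handles PE32 (0x10b) headers only.

```python
"""Added example: match a file against the File Info indicators on this page.

Computes the digests CAPE lists (crc32, md5, sha1, sha256, sha512, sha3_384),
parses the PE32 headers for the compile timestamp, the 16 entry-point bytes and
the presence of a certificate table, and reports which indicators match.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Indicator values copied from the File Info block above (lower-case hex).
IOC = {
    "crc32": "48429b1c",
    "md5": "b12bf1a840e1ad467c96d35b4057c5e4",
    "sha1": "2a63d79d9646cb70178e55e959525b3e53295be0",
    "sha256": "2d235542fe82b7b34c3e6b1a3d0b4696f3e1b68a0c25fb29a6fffe8395bffbf7",
    "sha512": "1020ebcd9ce5787b78ecee76ee4218891521dc8e8520bae33ca2bc067e53f3fabf5ce8a078cbe5305d040e96c8521cf6c15e7a6e18588520ea19b129bdcfa768",
    "sha3_384": "770b942f636c9bf706d41c0e96e8f0bb76001f05c3a7275de78bdffaae1e3338cd2140f2fc2475d45e18805b953cdb3b",
    "ep_bytes": "e87e040000e980feffff558bec5156ff",
}
DIGESTS = ("crc32", "md5", "sha1", "sha256", "sha512", "sha3_384")


def file_hashes(data: bytes) -> dict:
    """Digests in the same form CAPE prints them."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def pe_info(data: bytes) -> dict:
    """Parse only the PE32 header fields behind File Info; ValueError if not PE32."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) optional headers are handled here")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    # PE32 data directories start at optional-header offset 96; entry 4 is the
    # certificate table (IMAGE_DIRECTORY_ENTRY_SECURITY), stored as file offset/size.
    cert_off, cert_size = struct.unpack_from("<II", data, opt + 96 + 4 * 8)
    ep_bytes = ""
    sect = opt + opt_size  # section table follows the optional header
    for i in range(nsections):
        _name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sect + 40 * i)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            off = rawptr + (entry_rva - vaddr)  # RVA -> file offset inside this section
            ep_bytes = data[off:off + 16].hex()
            break
    return {
        "timestamp": datetime.fromtimestamp(timestamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes,
        "has_certificate_table": cert_off != 0 and cert_size != 0,
    }


def triage(data: bytes) -> dict:
    """Return hashes, PE fields and the list of page indicators the file matches."""
    hashes = file_hashes(data)
    pe = pe_info(data)
    hits = [k for k in DIGESTS if hashes[k] == IOC[k]]
    if pe["ep_bytes"] == IOC["ep_bytes"]:
        hits.append("ep_bytes")
    return {"hashes": hashes, "pe": pe, "ioc_hits": hits, "same_file": "sha256" in hits}


def build_test_pe(ep_code: bytes, timestamp: int = 0, signed: bool = False) -> bytes:
    """Constructed minimal PE32 (one .text section) used only for self-testing."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                 # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                   # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                 # AddressOfEntryPoint
    struct.pack_into("<I", opt, 92, 16)                     # NumberOfRvaAndSizes
    raw_ptr, body = 0x200, ep_code.ljust(0x200, b"\0")
    if signed:  # point the certificate table at 8 bytes appended after .text
        struct.pack_into("<II", opt, 96 + 4 * 8, raw_ptr + len(body), 8)
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(body), 0x1000, len(body), raw_ptr,
                       0, 0, 0, 0, 0x60000020)
    image = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sect).ljust(raw_ptr, b"\0") + body
    return image + (b"\0" * 8 if signed else b"")


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:
        for key, value in triage(f.read()).items():
            print(f"{key}: {value}")
```

Run it as `python triage.py <file>`. A match on sha256 (or any other full digest) means you hold the identical file; an entry-point-bytes match on its own is weak evidence, because the `e8 ... e9 ...` call/jump stub and the `55 8b ec` prologue are shared by many compiler runtimes. The timestamp is taken from the header as-is and can be forged, and `has_certificate_table` only says whether a signature blob is attached; it does not validate it, which needs the Windows verifier or a dedicated Authenticode library.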

Version Info:

0: [No Data]

Fugrafa.138501 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.138501
FireEye: Generic.mg.b12bf1a840e1ad46
CAT-QuickHeal: Trojan.Skeeyah.S3293683
ALYac: Gen:Variant.Fugrafa.138501
VIPRE: Gen:Variant.Fugrafa.138501
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Adware ( 00535f0d1 )
K7GW: Adware ( 00535f0d1 )
CrowdStrike: win/grayware_confidence_100% (D)
Cyren: W32/S-2a1c663c!Eldorado
Symantec: PUA.Downloader
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Softcnapp.BC potentially unwanted
APEX: Malicious
ClamAV: Win.Malware.Softcnapp-6787524-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.138501
Avast: Win32:MalwareX-gen [Trj]
Rising: Adware.Downloader!1.BBEC (CLASSIC)
Ad-Aware: Gen:Variant.Fugrafa.138501
Emsisoft: Gen:Variant.Fugrafa.138501 (B)
Comodo: Application.Win32.AdWare.Softcnapp.D@7wjo8g
DrWeb: Adware.Softcnapp.92
McAfee-GW-Edition: BehavesLike.Win32.Generic.vh
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.cnune
Avira: HEUR/AGEN.1224828
MAX: malware (ai score=83)
GData: Gen:Variant.Fugrafa.138501
Cynet: Malicious (score: 100)
AhnLab-V3: PUP/Win32.Helper.R233980
McAfee: Softcnapp
VBA32: BScope.Adware.Puwaders
Malwarebytes: Adload.Adware.Malvertising.DDS
Tencent: Trojan.Win32.Generic.e
Ikarus: PUA.Softcnapp
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaF.34742.NAW@aqRftXmj
AVG: Win32:MalwareX-gen [Trj]
Cybereason: malicious.d9646c
Panda: Trj/Genetic.gen

How to remove Fugrafa.138501?

Fugrafa.138501 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options you want, then click “Reset”.
  • Restart your computer.

The browser reset step matters for this sample: the sandbox run flagged attempts to modify proxy settings and to harvest cookies, so after removal confirm that no unexpected proxy remains configured, and sign out of and change the password for any accounts whose session cookies the browser held.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
