Fugrafa.188862 removal tips

The Fugrafa.188862 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Fugrafa.188862 virus can do?

Presents an Authenticode digital signature
Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine Fugrafa.188862?


File Info:
name: BA0A6DCF270CCDBFB106.mlw
path: /opt/CAPEv2/storage/binaries/d910d3f229af1c5e48d18bdcf01f93d2f62ee0f6be63219c17c27c49d2590da7
crc32: 5A206180
md5: ba0a6dcf270ccdbfb1061a1fd94f3c02
sha1: 17365781c2e7e6d879aba47bd070fce5aa8972f6
sha256: d910d3f229af1c5e48d18bdcf01f93d2f62ee0f6be63219c17c27c49d2590da7
sha512: 69f4556b368949b3a68da6e4771f3eb1356ce1e0b6abdcf30286e2416a0fc4031f5ce173eb5ad422e05e589f6827b04078483d7a661f08f826bb33393c4a5fbc
ssdeep: 98304:+sRXYL9IW1dXg3S/MHmgL553qnstLEYOgy:Xx53qnhqy
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1E3264C90A6F3827BD465F17099655629B0747FA08E71F24BF304FA2DAB3E560683D332
sha3_384: b53db652eb9bbd7fe3a37cf9499c579d05cf84f7b3c201de2f5c3ac3c255fb77154a57d078c447be2a6cab9ce8841390
ep_bytes: 40534883ec20488bd9e88a050000488b
timestamp: 2100-03-02 06:33:42

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Client Server Runtime Process
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: CSRSS.Exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: CSRSS.Exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Fugrafa.188862 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Gen:Variant.Fugrafa.188862
McAfee	Artemis!BA0A6DCF270C
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Cyren	W64/Ipamor.CZ.gen!Eldorado
ClamAV	Win.Trojan.Generic-9865438-0
BitDefender	Gen:Variant.Fugrafa.188862
NANO-Antivirus	Virus.Win32.Gen.ccmw
MicroWorld-eScan	Gen:Variant.Fugrafa.188862
Avast	Win32:VB-FBX
Emsisoft	Gen:Variant.Fugrafa.188862 (B)
DrWeb	Win32.HLLW.Autoruner.547
McAfee-GW-Edition	BehavesLike.Win64.BadFile.rm
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.Dropper
GData	Gen:Variant.Fugrafa.188862
Jiangmin	Packed.Krap.gvux
MaxSecure	Trojan.Malware.121218.susgen
Arcabit	Trojan.Fugrafa.D2E1BE
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
VBA32	Worm.AutoRun
MAX	malware (ai score=81)
Malwarebytes	Malware.AI.3696146603
SentinelOne	Static AI – Suspicious PE
Fortinet	W64/Bulz.6330!tr
AVG	Win32:VB-FBX
CrowdStrike	win/malicious_confidence_80% (W)

How to remove Fugrafa.188862?

Fugrafa.188862 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X