
Fugrafa.254659 removal


Fugrafa.254659 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fugrafa.254659 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • A HTTP/S link was seen in a script or command line
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Attempts to execute suspicious powershell command arguments
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Fugrafa.254659?


File Info:

name: 369216141251B78C15CA.mlw
path: /opt/CAPEv2/storage/binaries/6fba43e17ccf6560a9963af7693f2e09ae04cb955c838585f814d1bb5cbb50bb
crc32: 8CEE7373
md5: 369216141251b78c15ca9dd2565da3ab
sha1: 43bb966a57c712d485837ec90247299496db1c3c
sha256: 6fba43e17ccf6560a9963af7693f2e09ae04cb955c838585f814d1bb5cbb50bb
sha512: 214ded44376da51fedbf2eb5eed940e4216c7ede5e8bd45deb70ce19705767526c9ecd6f10b72341f9896b23ff4bcdba292124d9c1df6de214b18a3866208462
ssdeep: 24576:jNz9PfU4IGbPj6yo5GnsYgpLN2vQKQm4e9tye/ecVSDUgjGf7o95D3uVBZpcLpVj:hz9XxPj6knsnxgQKQe93JVw7zu/Hcvrb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T177A522E64BF86871E854667338E0917E37E27D49CF7844BBE34BE48924715C121B2B2B
sha3_384: 2b486d92d2338a1dbe86ac04f6592b25c23328070e5e025482cb8105dab1ec4e451662d20e8e4eb8ff72574d6762a978
ep_bytes: e866070000e906000000cccccccccccc
timestamp: 2040-03-15 19:34:43

Version Info:

Comments: Text Own Software
CompanyName: Text Own Software
FileDescription: Text Own Software
LegalCopyright: Text Own Software
LegalTrademarks: Text Own Software
ProductName: Text Own Software
FileVersion: 9.82.354
ProductVersion: 9.82.354
InternalName: Text Own
OriginalFilename: Text Own.exe
Translation: 0x0407 0x04b0

Fugrafa.254659 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.254659
FireEye: Generic.mg.369216141251b78c
ALYac: Gen:Variant.Fugrafa.254659
VIPRE: Gen:Variant.Fugrafa.254659
Cybereason: malicious.41251b
ESET-NOD32: a variant of Win32/Packed.CAB.DQ suspicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Fugrafa.254659
Avast: Win32:Evo-gen [Trj]
Ad-Aware: Gen:Variant.Fugrafa.254659
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: Artemis
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Fugrafa.254659 (B)
Ikarus: Trojan.Barys
GData: Gen:Variant.Fugrafa.254659
Arcabit: Trojan.Fugrafa.D3E2C3
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R512063
McAfee: Artemis!369216141251
MAX: malware (ai score=82)
Malwarebytes: Trojan.Downloader
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Evo-gen [Trj]

How to remove Fugrafa.254659?

Fugrafa.254659 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
