Fugrafa.37090 removal tips

Fugrafa.37090 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fugrafa.37090 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Behavioural detection: Transacted Hollowing
  • Steals private information from local Internet browsers
  • Collects and encrypts information about the computer likely to send to C2 server
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify Fugrafa.37090?

File Info:

name: 9AB64A9A063EFB054F6E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-07-25 09:15:08

Version Info:

0: [No Data]

Fugrafa.37090 is also detected under the following names (vendor: detection):

  • Bkav: W32.AIDetect.malware2
  • Lionic: Riskware.Win32.Generic.1!c
  • MicroWorld-eScan: Gen:Variant.Fugrafa.37090
  • FireEye: Generic.mg.9ab64a9a063efb05
  • McAfee: Artemis!9AB64A9A063E
  • Malwarebytes: Adware.Neoreklami
  • Sangfor: Trojan.Win32.Wacatac.B
  • K7AntiVirus: Riskware ( 0040eff71 )
  • Alibaba: AdWare:Win32/Neoreklami.1dd76fba
  • K7GW: Riskware ( 0040eff71 )
  • CrowdStrike: win/malicious_confidence_100% (D)
  • BitDefenderTheta: Gen:NN.ZedlaF.34084.nu4@aCHcv3i
  • Cyren: W32/S-6cfd60b1!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: multiple detections
  • Kaspersky: not-a-virus:UDS:AdWare.Win32.Neoreklami.gen
  • BitDefender: Gen:Variant.Fugrafa.37090
  • NANO-Antivirus: Riskware.Win32.Plugin.eobzgj
  • SUPERAntiSpyware: PUP.NeoBar/Variant
  • Avast: Win32:Adware-gen [Adw]
  • Tencent: Malware.Win32.Gencirc.10b6de8c
  • Ad-Aware: Gen:Variant.Fugrafa.37090
  • Emsisoft: Gen:Variant.Fugrafa.37090 (B)
  • DrWeb: Adware.Plugin.1265
  • VIPRE: Trojan.Win32.Generic!BT
  • McAfee-GW-Edition: BehavesLike.Win32.PUP.tc
  • Sophos: Generic PUA GK (PUA)
  • GData: Gen:Variant.Fugrafa.37090
  • Jiangmin: AdWare.Neoreklami.ckz
  • Avira: HEUR/AGEN.1134686
  • MAX: malware (ai score=88)
  • Antiy-AVL: Trojan/Generic.ASMalwS.180C869
  • APEX: Malicious
  • Microsoft: BrowserModifier:Win32/Neobar
  • Cynet: Malicious (score: 99)
  • AhnLab-V3: PUP/Win32.Neobar.R186104
  • ALYac: Gen:Variant.Fugrafa.37090
  • VBA32: Adware.Neobar
  • Rising: Trojan.Generic@ML.94 (RDMK:mZsws2xKOvnLHagHDhSZyA)
  • Yandex: Trojan.GenAsa!WGke6gQlTFw
  • SentinelOne: Static AI – Suspicious PE
  • Webroot: W32.Adware.Gen
  • AVG: Win32:Adware-gen [Adw]
  • Cybereason: malicious.a063ef
  • Panda: Trj/Genetic.gen

How to remove Fugrafa.37090?

Fugrafa.37090 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.