Fugrafa.3869 removal tips

Fugrafa.3869 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Fugrafa.3869 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Starts servers listening on 127.0.0.1:30057
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Installs Tor on the infected machine
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Fugrafa.3869?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 2006 Microsoft Corporation. All rights reserved.
InternalName: MStore
FileVersion: 12.0.6606.1000
CompanyName: Microsoft Corporation
LegalTrademarks1: Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2: Windows® is a registered trademark of Microsoft Corporation.
ProductName: Microsoft Clip Organizer
ProductVersion: 12.0.6606.1000
FileDescription: Clip Organizer
OriginalFilename: MStore.exe
Translation: 0x0000 0x04e4

Fugrafa.3869 is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005224381 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.7111
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Cerber.A4
ALYac: Gen:Variant.Fugrafa.3869
Malwarebytes: Malware.AI.1887643743
Zillya: Trojan.Shade.Win32.444
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Troldesh.e3199101
K7GW: Trojan ( 004b8aa51 )
Cybereason: malicious.5a47e1
Baidu: Win32.Trojan.Kryptik.ayf
Cyren: W32/Kryptik.CUI.gen!Eldorado
Symantec: Packed.Generic.459
ESET-NOD32: Win32/Filecoder.Shade.B
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.3869
NANO-Antivirus: Trojan.Win32.Shade.enrxnb
MicroWorld-eScan: Gen:Variant.Fugrafa.3869
Tencent: Malware.Win32.Gencirc.1149dddd
Ad-Aware: Gen:Variant.Fugrafa.3869
Sophos: ML/PE-A + Mal/Cerber-K
Comodo: TrojWare.Win32.Ransom.Cerber.FJ@6wjqwh
BitDefenderTheta: Gen:NN.ZexaF.34670.ur1@aORmwYai
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCERBER.SMALY5A
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
FireEye: Generic.mg.6e7def95a47e1093
Emsisoft: Trojan-Ransom.Shade (A)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1125229
Antiy-AVL: Trojan/Win32.TSGeneric
Microsoft: Ransom:Win32/Troldesh.A
Arcabit: Trojan.Fugrafa.DF1D
AegisLab: Trojan.Win32.Shade.j!c
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Fugrafa.3869
AhnLab-V3: Win-Trojan/Cerber.Exp
Acronis: suspicious
McAfee: Ransomware-CBER!6E7DEF95A47E
MAX: malware (ai score=100)
VBA32: BScope.TrojanDownloader.Dridex
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_HPCERBER.SMALY5A
Rising: Trojan.Kryptik!1.AE9C (CLOUD)
Yandex: Trojan.GenAsa!dBczaYBiuVs
Ikarus: Trojan-Ransom.Cerber
eGambit: Generic.Malware
Fortinet: W32/Kryptik.HGZD!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Shade.HxQBEpsA

How to remove Fugrafa.3869?

Fugrafa.3869 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
