Should I remove “Fugrafa.52752”?

Fugrafa.52752 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fugrafa.52752 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Fugrafa.52752?


File Info:

name: 278768FA45DF8648ABE1.mlw
path: /opt/CAPEv2/storage/binaries/824b565186e0d0badff74a71a2f99475a3437b4dfaac670b5c55f2ea3c11b1be
crc32: 25578AFE
md5: 278768fa45df8648abe1f2a26b598862
sha1: 283def67f819de3308f7cfe3c606cbd46516782e
sha256: 824b565186e0d0badff74a71a2f99475a3437b4dfaac670b5c55f2ea3c11b1be
sha512: 453a7a8accead5e160768bf2543583cd955f513a3e5a9093f553ec4f65387f1203e943381e0e959964e17997ab0b9a330078eaead6a6b529019f11f74efe45b6
ssdeep: 12288:9dX0UyrLqJ52v9RAiJxydyFpieXMhNHQTyXF74i+rnKusU8RnLxUx5:91fGqH2V37y4FpiKiNwSum51LxUx5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T176E422665132E0D2F49395B7328A33D61BAC1153EAF0FCD2A095479CEAF66831225F73
sha3_384: 0eb0cfd9352fb7748151c6b6290cd5a13bb455646ae3db2940bae573288b0c7b51cf608a617411dcbb0db910c6497e47
ep_bytes: 60be15704c008dbeeb9ff3ff5783cdff
timestamp: 1997-08-20 12:02:36

Version Info:

CompanyName: Info-Zip
License: see contrib/LICENSE
FileDescription: UnZip SPECS UnZip: list, test and extract compressed files in a ZIP archive
FileVersion: 5.51.1871.34282
InternalName: unzip
LegalCopyright: © 2005 Info-Zip
LegalTrademarks: Info-Zip®, UnZip®, unzip®
OriginalFilename: unzip.exe
ProductName: UnZip
ProductVersion: 5.51.1871.34282
PrivateBuild: Patchlevel 1
SpecialBuild: GNU for Win32
WWW: http://www.info-zip.org/UnZip.html
Translation: 0x0409 0x04e4

Fugrafa.52752 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.52752
ALYac: Gen:Variant.Fugrafa.52752
Cylance: Unsafe
BitDefender: Gen:Variant.Fugrafa.52752
K7GW: Trojan ( 0051918e1 )
K7AntiVirus: Trojan ( 0051918e1 )
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
NANO-Antivirus: Trojan.Win32.Qbot.iabgrr
Rising: Trojan.Kryptik!1.C745 (CLASSIC)
Ad-Aware: Gen:Variant.Fugrafa.52752
Emsisoft: Gen:Variant.Fugrafa.52752 (B)
McAfee-GW-Edition: W32/Pinkslipbot.gen.as
Sophos: Mal/EncPk-APV
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Zenpak.cbx
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Generic.ASCommon.1BE
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Fugrafa.52752
Cynet: Malicious (score: 100)
McAfee: W32/Pinkslipbot.gen.as
Malwarebytes: Backdoor.Qbot
Panda: Trj/Genetic.gen
Ikarus: Trojan-Banker.QakBot
Fortinet: W32/Cridex.VHO!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
MaxSecure: Trojan.Malware.300983.susgen

How to remove Fugrafa.52752?

Fugrafa.52752 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.