Fugrafa.67003 removal guide

Fugrafa.67003 is the short form of Gen:Variant.Fugrafa.67003, the generic detection name that BitDefender-engine vendors (BitDefender, ALYac, Ad-Aware, Emsisoft, GData, MicroWorld-eScan) assign to this sample; most other engines in the list below also flag it, several of them as an adware bundler or downloader (ESET-NOD32: Win32/Softcnapp, AhnLab-V3: PUP/Win32.Bundler, DrWeb: Trojan.DownLoader27). When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Fugrafa.67003 virus do?

The behaviours below were recorded when the sample was run in an automated sandbox. They are generic behavioural signatures rather than a full analysis: individually, several of them (HTTP requests, compressed data in the binary) also occur in legitimate installers, but the combination of dropping and executing a second binary, copying itself, modifying proxy settings and querying disk information to detect virtual machines is typical of an adware bundler.

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Queries information on disks, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Creates a copy of itself

Related domains (contacted or referenced by the sample during analysis):

z.whorecord.xyz
api.ip138.com
tj.jdlook.com
dwonload.sz-qudou.net
a.tomx.xyz

Note that api.ip138.com is a public IP-lookup service, so a DNS query for it on its own is weak evidence; the other four names are far more specific to this sample and are the ones worth alerting on in DNS or proxy logs.

How to identify Fugrafa.67003?

The file hashes below identify this exact sample; the ssdeep (fuzzy) hash additionally lets you match closely related variants with the ssdeep tool. Compare the SHA-256 rather than the CRC32 or MD5 where you can, since collisions for the latter two are cheap.

File Info:

crc32: 8567BBE2
md5: a4cadc459915b25cd5ce1e4ae4d54a1b
name: A4CADC459915B25CD5CE1E4AE4D54A1B.mlw
sha1: ae038409391d935929e3a04941db2c954f36c551
sha256: 237d5871e6103d81aa41130c48324415590eccba81ebca6a82142565952c2e1d
sha512: 2fb235e2e4294a4c45e2e21edc1dbe3510eddfdb54e9d0fc346244af4da57bcf41f7c441f73b9a5415007f35be237c4dfcf83dd3684c5bc39b2a8ddf4143aea6
ssdeep: 12288:AKAXF/Kjjgnc4ZQe4EBI8rqZKqiisi+VpQj0lOXf/LedUkEjdfVPEJP3hySqV4v:QojgLFlBeZUFVpSXHT/u3swU
type: PE32 executable (GUI) Intel 80386, for MS Windows
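The following script is an added example and is not part of the original page or GridinSoft's software. It turns the indicators above into a small triage check: it hashes a file in the same algorithms the page lists (CRC32, MD5, SHA-1, SHA-256), reports which of them match the Fugrafa.67003 indicators, and scans DNS log lines for the related domains. The hashes and domains are copied from this page; the DNS log lines are constructed sample data for illustration only, and the log format is an assumption.

```python
"""Triage helper for the Fugrafa.67003 indicators (added example, not
GridinSoft's code).  Hashes a file in the same algorithms the page lists,
compares them with the indicators, and scans DNS log lines for the
related domains."""
import hashlib
import re
import sys
import zlib
from typing import Dict, Iterable, List

# Hashes copied from the page's "File Info" section (lowercase hex).
FUGRAFA_IOC: Dict[str, str] = {
    "crc32": "8567bbe2",
    "md5": "a4cadc459915b25cd5ce1e4ae4d54a1b",
    "sha1": "ae038409391d935929e3a04941db2c954f36c551",
    "sha256": "237d5871e6103d81aa41130c48324415590eccba81ebca6a82142565952c2e1d",
}

# Domains copied from the page's "Related domains" section.
RELATED_DOMAINS = {
    "z.whorecord.xyz",
    "api.ip138.com",
    "tj.jdlook.com",
    "dwonload.sz-qudou.net",
    "a.tomx.xyz",
}

# Constructed sample log lines (assumed "key=value" DNS log format).
SAMPLE_DNS_LOG = [
    "2023-01-01T10:00:01Z client=10.0.0.5 query=A name=www.example.com",
    "2023-01-01T10:00:02Z client=10.0.0.5 query=A name=dwonload.sz-qudou.net",
    "2023-01-01T10:00:03Z client=10.0.0.7 query=A name=cdn.a.tomx.xyz",
]

_HOSTNAME_RE = re.compile(r"[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def digests_from_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Stream data through CRC32, MD5, SHA-1 and SHA-256 in one pass."""
    crc = 0
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    for chunk in chunks:
        crc = zlib.crc32(chunk, crc)
        md5.update(chunk)
        sha1.update(chunk)
        sha256.update(chunk)
    return {
        "crc32": f"{crc & 0xFFFFFFFF:08x}",
        "md5": md5.hexdigest(),
        "sha1": sha1.hexdigest(),
        "sha256": sha256.hexdigest(),
    }


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digests of an in-memory byte string."""
    return digests_from_chunks([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Digests of a file, read in chunks so large binaries are not loaded whole."""
    with open(path, "rb") as fh:
        return digests_from_chunks(iter(lambda: fh.read(chunk_size), b""))


def matching_algorithms(digests: Dict[str, str],
                        ioc: Dict[str, str] = FUGRAFA_IOC) -> List[str]:
    """Return the algorithms whose digest equals the indicator (case-insensitive).
    A SHA-256 hit identifies this exact sample; a CRC32- or MD5-only hit is
    weak evidence because collisions in those algorithms are cheap."""
    return [alg for alg, value in ioc.items()
            if digests.get(alg, "").lower() == value.lower()]


def suspicious_dns_lines(log_lines: Iterable[str],
                         domains=RELATED_DOMAINS) -> List[str]:
    """Return log lines that query a related domain or a subdomain of one."""
    hits = []
    for line in log_lines:
        for name in _HOSTNAME_RE.findall(line):
            name = name.lower().rstrip(".")
            if name in domains or any(name.endswith("." + d) for d in domains):
                hits.append(line)
                break
    return hits


if __name__ == "__main__":
    for path in sys.argv[1:]:
        digests = hash_file(path)
        print(path, digests["sha256"], "matches:", matching_algorithms(digests) or "none")
    for hit in suspicious_dns_lines(SAMPLE_DNS_LOG):
        print("DNS hit:", hit)
```

Run it with one or more file paths as arguments; a SHA-256 match is conclusive for this sample, while a DNS hit on api.ip138.com alone should be treated as a weak signal for the reason given above.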

Version Info (the resource strings are Simplified Chinese; the original page showed them as \uXXXX escapes with the backslashes stripped):

LegalCopyright: Copyright (C) 2018
InternalName: 极速下载器 ("High-Speed Downloader"; \u6781\u901f\u4e0b\u8f7d\u5668)
CompanyName: 极速下载器 ("High-Speed Downloader")
ProductName: 极速下载器 ("High-Speed Downloader")
ProductVersion: 1,2,3,18908
FileDescription: 极速下载器 ("High-Speed Downloader")
OriginalFilename: Setup.exe
Translation: 0x0804 0x04b0 (language 0x0804 = Chinese (Simplified, PRC); code page 0x04b0 = Unicode)

Fugrafa.67003 is also detected under the following names (vendor: detection name):

Bkav: W32.AIDetect.malware1
K7AntiVirus: Adware ( 0053e9eb1 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader27.6939
Cynet: Malicious (score: 100)
CAT-QuickHeal: PUA.Bundler.S3936668
ALYac: Gen:Variant.Fugrafa.67003
Cylance: Unsafe
K7GW: Adware ( 0053e9eb1 )
Cybereason: malicious.59915b
Cyren: W32/S-3eeab5d7!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Softcnapp.AN potentially unwanted
APEX: Malicious
Avast: Win32:AdwareX-gen [Adw]
ClamAV: Win.Malware.Softcnapp-6940714-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.67003
NANO-Antivirus: Trojan.Win32.Softcnapp.fivkee
MicroWorld-eScan: Gen:Variant.Fugrafa.67003
Tencent: Malware.Win32.Gencirc.10b3f810
Ad-Aware: Gen:Variant.Fugrafa.67003
Sophos: Generic ML PUA (PUA)
Comodo: Application.Win32.AdWare.Softcnapp.C@7wfak4
BitDefenderTheta: Gen:NN.ZexaF.34294.3y0@a8s2vOej
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
FireEye: Generic.mg.a4cadc459915b25c
Emsisoft: Gen:Variant.Fugrafa.67003 (B)
SentinelOne: Static AI - Malicious PE
Jiangmin: Trojan.Generic.ctrso
Avira: ADWARE/Adware.Gen7
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.28879D5
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Skeeyah.A!rfn
GData: Gen:Variant.Fugrafa.67003
AhnLab-V3: PUP/Win32.Bundler.R238629
Acronis: suspicious
McAfee: GenericRXGO-EO!A4CADC459915
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Downloader
Malwarebytes: Malware.AI.1242366684
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@ML.100 (RDML:M5kq0fOWVpqSn+97eDz1yw)
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Symmi.CD14!tr
AVG: Win32:AdwareX-gen [Adw]
Paloalto: generic.ml

How to remove Fugrafa.67003?

Fugrafa.67003 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset". This undoes the proxy changes the sample attempts to make, which a file scan alone does not revert.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
