
Fugrafa.78636 malicious file

Malware Removal

Fugrafa.78636 is flagged as malicious by a large number of antivirus engines (see the detection list below). While the infection is active you may notice unfamiliar processes in the Task Manager list. If so, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware manually can take hours and may damage the system in the process. We recommend using GridinSoft Anti-Malware for removal. It lets you run a full scan and clean the PC during the trial period.
A 6-day free trial is available.

What can Fugrafa.78636 do?

Behaviours flagged when the sample was run in the CAPE sandbox (the source of the file info below):

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • YARA rule detections observed from a process memory dump, dropped files or CAPE
  • Possible date expiration check: exits too soon after checking the local time
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Collects and encrypts information about the computer, likely to send to a C2 server
  • Attempts to create or modify system certificates

How to identify Fugrafa.78636?

The sandbox report identifies the sample by the hashes and PE header fields below. Match a suspect file on sha256 (or on ssdeep/tlsh for near variants) rather than on file name: the stored name is arbitrary, here just the first 20 hex digits of the MD5 in upper case.

File Info:

name: CE9ED87CF46F4E1FE0D6.mlw
path: /opt/CAPEv2/storage/binaries/39f55d7abac38e442caa5b04157bfb7a8cfb4733940aaff2c41aa7b8d6a26037
crc32: 33357DBA
md5: ce9ed87cf46f4e1fe0d66eb7f0531c74
sha1: 949d4200b24bfd10b5e1eca6618ec88c48190c5e
sha256: 39f55d7abac38e442caa5b04157bfb7a8cfb4733940aaff2c41aa7b8d6a26037
sha512: fb303ceeb3abd0f30d38caf03e871dbf00f46a650934485a35e1f69481eda7863572260c41b23500c86c7893c0dee4b32d8cb0f15dfc38fa0d36cea7140bb9f1
ssdeep: 1536:8vUIzH5x4gpvOFRjCR7pCCTJafOdCFKLCm9hw6cpIg8dgbrs:8vUIzMgpv0OlTJa0oowGg8d0Q
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FF93A20267F90A19F9F63B701A7296355A37BD606931CB0E43ACC64D1F73A999D3032B
sha3_384: 45d160ade70399e2f7954f31df0f74c25045f37bc636efe2ea8ce947cb696b03111fdccb5d97b14b3c5eb2cd4facd50c
ep_bytes: 558bec6aff680046400068a033400064
timestamp: 2017-04-21 14:51:19
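As an added worked example (not code from this page, from GridinSoft or from CAPE), the following stand-alone Python script reproduces the hash and PE-header fields listed above so that a suspect file can be compared against them offline. It uses only the standard library. The `build_sample_pe` helper constructs a minimal dummy PE32 (reusing only the ep_bytes and timestamp quoted on the page) so the script runs without the malware sample; `pe_triage.py` is a hypothetical file name. Note that the header can only show whether an Authenticode signature is present; whether it is valid (the sandbox says it is not) must be checked with a verifier such as signtool or osslsigncode.

```python
# Offline triage helper written for this page (not GridinSoft's or CAPE's
# code): hashes a suspect file and reads the PE header fields the File Info
# above lists, using only the Python standard library.
import calendar
import datetime
import hashlib
import struct
import sys

# ep_bytes quoted on the page: the usual MSVC CRT prologue (push ebp /
# mov ebp,esp / push -1 / push imm32 / push imm32 / fs: segment prefix).
PAGE_EP_BYTES = bytes.fromhex("558bec6aff680046400068a033400064")
# Compile timestamp quoted on the page, as a Unix epoch value (UTC).
PAGE_TIMESTAMP = calendar.timegm((2017, 4, 21, 14, 51, 19))
PAGE_SHA256 = "39f55d7abac38e442caa5b04157bfb7a8cfb4733940aaff2c41aa7b8d6a26037"

PE32_MAGIC = 0x10B      # IMAGE_NT_OPTIONAL_HDR32_MAGIC
SECURITY_DIR = 4        # IMAGE_DIRECTORY_ENTRY_SECURITY
MACHINES = {0x14C: "Intel 80386", 0x8664: "x86-64"}
SUBSYSTEMS = {2: "GUI", 3: "console"}


def file_hashes(data: bytes) -> dict:
    """Lower-case hex digests in the same encoding the page's File Info uses."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def pe_summary(data: bytes) -> dict:
    """Reproduce the page's 'type', 'timestamp' and 'ep_bytes' fields and
    report whether an Authenticode signature directory is present at all."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    # Data directories start at +96 in a PE32 optional header, +112 in PE32+.
    dirs = opt + (96 if magic == PE32_MAGIC else 112)
    sec_off, sec_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    # Map the entry-point RVA to a file offset through the section table.
    ep_file_off = None
    sect = opt + opt_size
    for i in range(nsections):
        _, vsize, va, raw_size, raw_ptr = struct.unpack_from(
            "<8sIIII", data, sect + 40 * i)
        if va <= entry_rva < va + max(vsize, raw_size):
            ep_file_off = raw_ptr + (entry_rva - va)
            break
    ep_bytes = (data[ep_file_off:ep_file_off + 16].hex()
                if ep_file_off is not None else None)
    fmt = "PE32" if magic == PE32_MAGIC else "PE32+"
    return {
        "type": "%s executable (%s) %s, for MS Windows" % (
            fmt, SUBSYSTEMS.get(subsystem, "subsystem %d" % subsystem),
            MACHINES.get(machine, "machine 0x%x" % machine)),
        "timestamp": datetime.datetime.fromtimestamp(
            timestamp, datetime.timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes,
        "authenticode_present": sec_off != 0 and sec_size != 0,
    }


def build_sample_pe(ep_bytes: bytes, timestamp: int) -> bytes:
    """Constructed minimal PE32 (one .text section, unsigned) so the parser
    can be exercised offline; this is NOT the malware sample."""
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 16, 0x1000)   # AddressOfEntryPoint
    struct.pack_into("<H", opt, 68, 2)        # IMAGE_SUBSYSTEM_WINDOWS_GUI
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, len(opt), 0x0102)
    section = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200,
                          0x200, 0, 0, 0, 0, 0x60000020)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))   # e_lfanew
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + section
    image = bytearray(0x400)
    image[:len(headers)] = headers
    image[0x200:0x200 + len(ep_bytes)] = ep_bytes  # entry point at raw 0x200
    return bytes(image)


SAMPLE = build_sample_pe(PAGE_EP_BYTES, PAGE_TIMESTAMP)


def triage(data: bytes, known_sha256: str) -> dict:
    """Hashes, header fields and whether sha256 matches the page's indicator."""
    out = file_hashes(data)
    out.update(pe_summary(data))
    out["matches_indicator"] = out["sha256"] == known_sha256.lower()
    return out


if __name__ == "__main__":
    # Usage: python pe_triage.py <file>   (defaults to the constructed sample)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for key, value in triage(data, PAGE_SHA256).items():
        print("%-21s %s" % (key + ":", value))
```

Run it against a real file with `python pe_triage.py suspect.exe` and compare the printed sha256, timestamp and ep_bytes with the File Info above; a timestamp or ep_bytes match with a different sha256 suggests a recompiled or repacked variant worth a closer look.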

Version Info:

CompanyName:
FileDescription: GetStatus Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: GetStatus
LegalCopyright: 版权所有 (C) 2009
LegalTrademarks:
OriginalFilename: GetStatus.EXE
ProductName: GetStatus 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

The Translation pair is language ID 0x0804 (Chinese, Simplified, PRC) and code page 0x04b0 (Unicode), which is what the two "Unconventional language" signatures above refer to. The Chinese strings are the stock MFC AppWizard defaults: 基础类应用程序 is "Foundation Class application", 应用程序 is "application" and 版权所有 is "Copyright".

Fugrafa.78636 also known as:

"Gen:Variant.Fugrafa.78636" is a generic name from the BitDefender engine (shared by MicroWorld-eScan, ALYac, Ad-Aware, Emsisoft and GData below). The more specific names from other vendors (TrendMicro BKDR_ZEGOST.SM14, Alibaba TrojanDownloader:Win32/ZEGOST, Kaspersky Trojan.Win32.Scar, ESET Win32/TrojanDownloader.Agent.CTU) are the better pivot for threat intelligence, and all point to a downloader/backdoor rather than a stand-alone payload.

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fugrafa.78636
FireEye: Generic.mg.ce9ed87cf46f4e1f
ALYac: Gen:Variant.Fugrafa.78636
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Trojan ( 0053af701 )
Alibaba: TrojanDownloader:Win32/ZEGOST.c07eabe3
K7GW: Trojan-Downloader ( 004f999e1 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.CTU
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Scar.pvbn
BitDefender: Gen:Variant.Fugrafa.78636
NANO-Antivirus: Trojan.Win32.Scar.eruaku
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Fugrafa.78636
Emsisoft: Gen:Variant.Fugrafa.78636 (B)
Comodo: TrojWare.Win32.Magania.~all@f80ty
DrWeb: Trojan.DownLoader25.20358
Zillya: Trojan.Scar.Win32.105392
TrendMicro: BKDR_ZEGOST.SM14
McAfee-GW-Edition: GenericRXCO-PM!CE9ED87CF46F
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Agent
GData: Gen:Variant.Fugrafa.78636
Jiangmin: Trojan.Scar.ivz
Avira: TR/Dldr.Agent.neyzd
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1FE33FA
Microsoft: Trojan:Win32/Occamy.C39
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Scar.C1939269
McAfee: GenericRXCO-PM!CE9ED87CF46F
VBA32: Trojan.Scar
Malwarebytes: MachineLearning/Anomalous.100%
TrendMicro-HouseCall: BKDR_ZEGOST.SM14
Tencent: Malware.Win32.Gencirc.10b8319a
Yandex: Trojan.GenAsa!dE9NZwpEEFk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic.AC.3EF32C!tr
BitDefenderTheta: Gen:NN.ZexaF.34294.fq0@aiLZQ@jb
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Fugrafa.78636?

Fugrafa.78636 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options and click “Reset”.
  • Restart your computer.

Because the sample is classified as a downloader that was seen dropping and executing a binary and attempting to modify system certificates, also review recently added root certificates and any newly created executables on the machine: secondary payloads fetched by a downloader are not covered by the hashes above, and the host should be treated as compromised until those are accounted for.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
