
Fugrafa.83460 removal

Fugrafa.83460 is classified as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in Task Manager, although the sandbox run below shows that the sample injects into an existing process and then deletes its own executable, so the malicious code may be running under a legitimate process name. In that case it is advised to scan the computer with GridinSoft Anti-Malware.

Removing malware manually can take hours and can damage the system if the wrong files are deleted. We recommend GridinSoft Anti-Malware for removal; it can run a full scan and clean the PC during the trial period.
A 6-day free trial is available.

What can the Fugrafa.83460 virus do?

The following behaviors were recorded when the sample was executed in a Cuckoo sandbox (several entries refer to Cuckoo's own monitoring):

  • Executable code extraction
  • Injection with CreateRemoteThread in a remote process
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Code injection with CreateRemoteThread in a remote process
  • Tries to suspend Cuckoo threads to prevent logging of malicious activity
  • Deletes its original binary from disk
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • A system process is generating network traffic likely as a result of process injection
  • Behavior consistent with a dropper attempting to download the next stage.
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Anomalous binary characteristics
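Several of the sandbox findings above (remote-thread injection, Run-key persistence, proxy changes, a system process generating traffic after injection, and self-deletion of the dropper) map directly onto endpoint telemetry. The following Python script is an added example, not GridinSoft code and not derived from the sample itself: it evaluates those behaviors over a constructed event stream. The field names (Image, TargetImage, TargetObject, TargetFilename) are an assumption modelled on Sysmon's schema, and the event IDs used are Sysmon's real ones.

```python
"""Behavioural checks for the sandbox findings listed above, evaluated over a
constructed, Sysmon-style event stream. Added example; not code from
GridinSoft or from the sample. Field names are an assumption modelled on
Sysmon; the events themselves are invented for illustration."""
import re
from collections import defaultdict

# Sysmon event IDs used (real): 1 process create, 3 network connection,
# 8 CreateRemoteThread, 13 registry value set, 23 file delete.
DROPPER = r"C:\Users\bob\AppData\Local\Temp\03635157B25FB5434EA70894B87C243B.exe"

# Constructed telemetry: the dropper injects into explorer.exe, which then
# writes a Run key, changes the proxy, beacons out and deletes the dropper.
SAMPLE_EVENTS = [
    {"id": 1, "Image": DROPPER, "ParentImage": r"C:\Windows\explorer.exe"},
    {"id": 8, "SourceImage": DROPPER, "TargetImage": r"C:\Windows\explorer.exe"},
    {"id": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\update",
     "Details": r"C:\Users\bob\AppData\Roaming\update.exe"},
    {"id": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer",
     "Details": "127.0.0.1:8080"},
    {"id": 3, "Image": r"C:\Windows\explorer.exe",
     "DestinationIp": "203.0.113.10", "DestinationPort": 80},
    {"id": 23, "Image": r"C:\Windows\explorer.exe", "TargetFilename": DROPPER},
    # Benign noise: a browser making its own connection (must not be flagged).
    {"id": 3, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "DestinationIp": "203.0.113.20", "DestinationPort": 443},
]

RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
PROXY_VALUE = re.compile(
    r"\\Internet Settings\\(ProxyServer|ProxyEnable|AutoConfigURL)$", re.IGNORECASE)
SYSTEM_DIR = re.compile(r"^C:\\Windows\\", re.IGNORECASE)


def analyse(events):
    """Return a dict of finding name -> list of evidence strings."""
    findings = defaultdict(list)
    injected = set()   # images that received a remote thread from another image
    started = set()    # images observed starting as a process (event 1)
    for e in events:
        eid = e["id"]
        if eid == 1:
            started.add(e["Image"].lower())
        elif eid == 8 and e["SourceImage"].lower() != e["TargetImage"].lower():
            injected.add(e["TargetImage"].lower())
            findings["remote_thread_injection"].append(
                f'{e["SourceImage"]} -> {e["TargetImage"]}')
        elif eid == 13:
            if RUN_KEY.search(e["TargetObject"]):
                findings["autorun_persistence"].append(
                    f'{e["TargetObject"]} = {e["Details"]}')
            if PROXY_VALUE.search(e["TargetObject"]):
                findings["proxy_modification"].append(
                    f'{e["TargetObject"]} = {e["Details"]}')
        elif eid == 3:
            # Traffic from a system-directory process that was injected into.
            if e["Image"].lower() in injected and SYSTEM_DIR.match(e["Image"]):
                findings["injected_system_process_traffic"].append(
                    f'{e["Image"]} -> {e["DestinationIp"]}:{e["DestinationPort"]}')
        elif eid == 23:
            # A process image seen earlier is deleted: "deletes its original binary".
            if e["TargetFilename"].lower() in started:
                findings["original_binary_deleted"].append(e["TargetFilename"])
    return dict(findings)


if __name__ == "__main__":
    for name, evidence in analyse(SAMPLE_EVENTS).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

The injected-process check is the one worth keeping in a real ruleset: outbound traffic from explorer.exe on its own is normal, but outbound traffic from explorer.exe shortly after another image opened a remote thread in it is the pattern the sandbox reported.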

Related domains:

z.whorecord.xyz
a.tomx.xyz
gogapervijman.ru
set1forus.ru
aboutalikmatoskin.ru
gogadorogoda.ru

How to identify Fugrafa.83460?

File Info:

crc32: E9D98C26
md5: 03635157b25fb5434ea70894b87c243b
name: 03635157B25FB5434EA70894B87C243B.mlw
sha1: 9d78a5f554e7dc6df95c4a3a63bee94841d9d032
sha256: 1a346d4f3162e30dccee1f3f3ad6de0addebf60fd92bfbeee2fa98374223c929
sha512: a82bc07a35b62d5f40a5765dd0aacdf0ba51c1656d0f5eacbbda1f5825e298ab97ac77d33a79d4f86145fc2baf3f45bd4dc908f28b2cbcd28f3e8e474e7072c8
ssdeep: 1536:iwRdJDEi+yRbQ15whruW4fqAQAs22d92NRaXUkeWqZb0LTWhN1g:ddd+WTuf/s103meb0i8
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]
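The hashes and related domains above are the indicators a responder actually uses: the file digests let you confirm that a suspect binary is this exact sample, and the domains let you search DNS or proxy logs for hosts that resolved them. The Python script below is an added example and not GridinSoft's tooling; it computes the same four digests the page lists (in the same formatting, including the upper-case 8-digit CRC32) and scans log lines for the listed domains and their subdomains. The file bytes and the dnsmasq-style log lines are constructed for illustration.

```python
"""Match a file and DNS log lines against the indicators published above.
Added example, not GridinSoft code. The hash and domain values are the page's
own; the sample bytes and log lines are constructed here."""
import hashlib
import re
import zlib

IOC_HASHES = {
    "md5": "03635157b25fb5434ea70894b87c243b",
    "sha1": "9d78a5f554e7dc6df95c4a3a63bee94841d9d032",
    "sha256": "1a346d4f3162e30dccee1f3f3ad6de0addebf60fd92bfbeee2fa98374223c929",
    "crc32": "E9D98C26",
}
IOC_DOMAINS = {
    "z.whorecord.xyz", "a.tomx.xyz", "gogapervijman.ru",
    "set1forus.ru", "aboutalikmatoskin.ru", "gogadorogoda.ru",
}


def file_digests(data: bytes) -> dict:
    """Digests in the same formatting the page uses: lower-case hex for
    md5/sha*, upper-case zero-padded 8-digit hex for crc32."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def hash_matches(data: bytes) -> list:
    """Names of the digests of `data` that equal the published IOC hashes."""
    computed = file_digests(data)
    return [k for k, v in computed.items() if v.lower() == IOC_HASHES[k].lower()]


def domain_is_ioc(name: str) -> bool:
    """True if `name` is a listed domain or a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in IOC_DOMAINS)


# dnsmasq-style "query[A] <name> from <client>" lines (format is an assumption).
QUERY_RE = re.compile(r"query(?:\[A{1,4}\])?\s+(\S+)\s+from\s+(\S+)", re.IGNORECASE)


def scan_dns_log(lines):
    """Return (client, queried_name) for every line whose query hits an IOC."""
    hits = []
    for line in lines:
        m = QUERY_RE.search(line)
        if m and domain_is_ioc(m.group(1)):
            hits.append((m.group(2), m.group(1)))
    return hits


# Constructed log lines; the last one is a look-alike that must not match.
SAMPLE_LOG = [
    "Mar  3 10:02:11 dnsmasq[612]: query[A] www.example.com from 10.0.0.15",
    "Mar  3 10:02:12 dnsmasq[612]: query[A] set1forus.ru from 10.0.0.15",
    "Mar  3 10:02:13 dnsmasq[612]: query[A] cdn.gogadorogoda.ru from 10.0.0.15",
    "Mar  3 10:02:14 dnsmasq[612]: query[A] notgogadorogoda.ru from 10.0.0.22",
]

if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    if path:
        with open(path, "rb") as fh:
            print("matching digests:", hash_matches(fh.read()))
    for client, name in scan_dns_log(SAMPLE_LOG):
        print(f"{client} queried IOC domain {name}")
```

Comparing all four digests is deliberate: a repacked variant will change every hash, but a file that matches on sha256 while a log only records md5 (as several of the vendor names above do, e.g. the McAfee and FireEye entries) is still the same sample. The subdomain test matters because the list contains both bare domains and hostnames under them.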

Fugrafa.83460 is also known by the following vendor detection names (vendor: name). Several vendors file the sample under the Cridex and Zbot families, both credential-stealing banking trojans, which is consistent with the process-injection and proxy-modification behavior observed in the sandbox:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Riskware ( 0040eff71 )
Lionic: Trojan.Win32.Generic.lK2p
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.3199
ALYac: Gen:Variant.Fugrafa.83460
Zillya: Worm.Cridex.Win32.288
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: Worm:Win32/Cridex.a15589c7
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.7b25fb
Baidu: Win32.Trojan.Agent.eq
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.AYGM
APEX: Malicious
Avast: Win32:Injector-BOP [Trj]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.83460
NANO-Antivirus: Trojan.Win32.Cridex.borqhq
MicroWorld-eScan: Gen:Variant.Fugrafa.83460
Tencent: Malware.Win32.Gencirc.114c38ea
Ad-Aware: Gen:Variant.Fugrafa.83460
Sophos: ML/PE-A + Mal/EncPk-AIR
Comodo: Malware@#b2q5fbpausv
BitDefenderTheta: Gen:NN.ZexaF.34236.gOW@aKUHHuai
VIPRE: Trojan.Win32.Zbot.m (v)
TrendMicro: TROJ_SPNR.35EF13
McAfee-GW-Edition: PWS-Zbot-FATG!03635157B25F
FireEye: Generic.mg.03635157b25fb543
Emsisoft: Gen:Variant.Fugrafa.83460 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.ayfqp
Avira: HEUR/AGEN.1132833
Antiy-AVL: Trojan/Generic.ASMalwS.1523AD
Kingsoft: Worm.Cridex.p.(kcloud)
Microsoft: Worm:Win32/Cridex.B
SUPERAntiSpyware: Trojan.Agent/Gen-IRCBot
GData: Gen:Variant.Fugrafa.83460
McAfee: PWS-Zbot-FATG!03635157B25F
MAX: malware (ai score=88)
VBA32: BScope.Malware-Cryptor.Hlux
Panda: Trj/Hexas.HEU
TrendMicro-HouseCall: TROJ_SPNR.35EF13
Rising: Malware.XPACK!1.9C22 (CLASSIC)
Yandex: Trojan.GenAsa!/NwAHvKkPTg
Ikarus: Worm.Win32.Cridex
Fortinet: W32/Zbot.APRF!tr
AVG: Win32:Injector-BOP [Trj]
Paloalto: generic.ml

How to remove Fugrafa.83460?

Fugrafa.83460 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings“ (the sandbox run showed the sample modifying proxy settings, so this step undoes any proxy it left behind).
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
  • Because the sample installs itself for autorun and injects into another process, run a second scan after the restart to confirm nothing has returned.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
