Should I remove “Fugrafa.84608”?

Fugrafa.84608 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fugrafa.84608 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Fugrafa.84608?

File Info:

name: 5F6EF127767F69407E69.mlw
path: /opt/CAPEv2/storage/binaries/e5ac2e58b8d5a7effe3985266ead243780544baed7acc177492be21d172c9be4
crc32: 0A774F77
md5: 5f6ef127767f69407e69b724e4818e50
sha1: 08b8c082fb7c98058e18703b7d47a6eb053ec545
sha256: e5ac2e58b8d5a7effe3985266ead243780544baed7acc177492be21d172c9be4
sha512: c0fab7c0f534449f4873789bdf225c443281d7f39f31f7fcd34807da4407f9793d424d5f1a350add29716c999620fd9fa5d48b86fe59f69420bd8419686317c8
ssdeep: 6144:lAZXgxFlFqyWNEz0P/G4+iAyhChc2kjeLf:lARg5YyWNNnxXRhsYjEf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DF340103FB038695D4F7A9F4009F1FA41F216FE943111A535368EA2A285A776789FE8C
sha3_384: 93f76968d9d1e33e64d9f74f0b16525b039469185d3ec177c525dffb70ddc8595c720f778b171b6082bf5b353746c261
ep_bytes: 558bec81c44cffffff6a616a52e8eb18
timestamp: 2012-01-30 02:22:19

Version Info:

FileDescription: svjy
CompanyName: Uvv5
FileVersion: 69.200.44122.61025
InternalName: mqee55GfcRW
LegalCopyright: NGwOECVvvK5
OriginalFilename: xG74EZisA
ProductName: Jj72
ProductVersion: 152.21.13315.28250
Translation: 0x0409 0x04b0

Fugrafa.84608 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
tehtris: Generic.Malware
DrWeb: Trojan.Proxy.24056
MicroWorld-eScan: Gen:Variant.Fugrafa.84608
FireEye: Generic.mg.5f6ef127767f6940
CAT-QuickHeal: FraudTool.Security
ALYac: Gen:Variant.Fugrafa.84608
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.111364
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0046c61b1 )
K7GW: Trojan ( 0046c61b1 )
Cybereason: malicious.7767f6
BitDefenderTheta: Gen:NN.ZexaF.34806.oq1@a8uuqkai
VirIT: Trojan.Win32.Generic.CGPO
Cyren: W32/Zbot.IJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.AWVI
TrendMicro-HouseCall: TSPY_ZBOT.OMO
ClamAV: Win.Trojan.Zbot-60265
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Fugrafa.84608
NANO-Antivirus: Trojan.Win32.Zbot.bxnckc
SUPERAntiSpyware: Trojan.Agent/Gen-Falint
Avast: Win32:Mystic
Tencent: Malware.Win32.Gencirc.10b7a6dc
Ad-Aware: Gen:Variant.Fugrafa.84608
TACHYON: Trojan-Spy/W32.ZBot.244918
Emsisoft: Gen:Variant.Fugrafa.84608 (B)
Comodo: TrojWare.Win32.Kryptik.AWVI@4vclj0
VIPRE: Gen:Variant.Fugrafa.84608
TrendMicro: TSPY_ZBOT.OMO
McAfee-GW-Edition: PWS-Zbot.gen.baq
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A
Ikarus: Trojan.Win32.Yakes
Jiangmin: TrojanSpy.Zbot.cwyu
Avira: TR/Spy.Zbot.2449186
Antiy-AVL: Trojan/Generic.ASMalwS.31
Microsoft: PWS:Win32/Zbot.gen!DLY
Arcabit: Trojan.Fugrafa.D14A80
GData: Gen:Variant.Fugrafa.84608
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.R57051
Acronis: suspicious
McAfee: PWS-Zbot.gen.baq
MAX: malware (ai score=89)
VBA32: BScope.Trojan.Proxy
Malwarebytes: Backdoor.Agent.RND
APEX: Malicious
Rising: Trojan.Generic@AI.92 (RDML:w2Y05k778LprXtM9I70REQ)
Yandex: TrojanSpy.Zbot!CeT9bpP0AYI
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Tepfer.MQ!tr
AVG: Win32:Mystic
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Fugrafa.84608?

Fugrafa.84608 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.