Fugrafa.9624 removal

Fugrafa.9624 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Fugrafa.9624 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Steals private information from local Internet browsers
  • Spoofs its process name and/or associated pathname to appear as a legitimate process
  • Collects information to fingerprint the system

How to identify Fugrafa.9624?

File Info:

name: 426C305416D7985E5198.mlw
path: /opt/CAPEv2/storage/binaries/07ce3a99387dbb2c4ee1edeac1db553cbf73ef47e11a0cc31fbe0c217c7d1ffe
crc32: BAE814D2
md5: 426c305416d7985e519877bfb6db93d0
sha1: 83bca2675aedc3ca3896599288d0cffd7cbc7f6f
sha256: 07ce3a99387dbb2c4ee1edeac1db553cbf73ef47e11a0cc31fbe0c217c7d1ffe
sha512: 4426dae8ae5dc2029886118c696fdc0fd90511a8dee0b51687cd0a5d1b4cc7001fd1a51589ab1e234e2026ce08c4bf2867f04111c681b464b838d6406b592668
ssdeep: 6144:atbOljxWyjJypr+QqhdJdUwcPWFNEwXh/XEVOwG6Frk:a9OXByoXLU7eFNEwREVOJD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T168D46B3FED508004CE3BD7343795F7B4E47C6990E968E742AF70AA19E9A0190BB2553E
sha3_384: d1377171c4c7da98714207c3abc6a9c594f82b1f734c752b0ca5151a16c8ef06efd5fefd49f4ba9db269926af038475d
ep_bytes: e856020000e97afeffff558becff7508
timestamp: 2019-10-26 14:12:31

Version Info:

CompanyName: Esthacyte
FileDescription: niffer
FileVersion: 5.7.4.0
InternalName: cardsharper.exe
LegalCopyright: Copyright (C) Richeyville 2019
OriginalFilename: prestezza.exe
ProductName: all-encompassing
ProductVersion: 2.8.0.6
Translation: 0x0409 0x04b0

Fugrafa.9624 also known as:

MicroWorld-eScan: Gen:Variant.Fugrafa.9624
FireEye: Generic.mg.426c305416d7985e
ALYac: Gen:Variant.Fugrafa.9624
Zillya: Trojan.Kryptik.Win32.1818445
K7AntiVirus: Trojan ( 00558fbe1 )
BitDefender: Gen:Variant.Fugrafa.9624
K7GW: Trojan ( 00558fbe1 )
Arcabit: Trojan.Fugrafa.D2598
BitDefenderTheta: Gen:NN.ZexaF.34806.Ly3@ayyqj@ai
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik.DWIQ
ClamAV: Win.Trojan.Mikey-9958102-0
Kaspersky: VHO:Backdoor.Win32.Convagent.gen
NANO-Antivirus: Trojan.Win32.Azorult.getfyz
Rising: Trojan.Kryptik!1.BE72 (CLASSIC)
Ad-Aware: Gen:Variant.Fugrafa.9624
Emsisoft: Gen:Variant.Fugrafa.9624 (B)
DrWeb: Trojan.PWS.Stealer.25838
VIPRE: Gen:Variant.Fugrafa.9624
McAfee-GW-Edition: GenericRXIZ-KJ!426C305416D7
SentinelOne: Static AI – Suspicious PE
APEX: Malicious
Jiangmin: Trojan.PSW.Azorult.epd
Antiy-AVL: Trojan/Generic.ASMalwS.A9D
Microsoft: Trojan:Win32/Azorult.PC!MTB
ZoneAlarm: VHO:Backdoor.Win32.Convagent.gen
GData: Gen:Variant.Fugrafa.9624
AhnLab-V3: Malware/Win32.Generic.C3534720
McAfee: GenericRXIZ-KJ!426C305416D7
MAX: malware (ai score=85)
VBA32: Backdoor.Androm
Malwarebytes: Spyware.LokiBot
Tencent: Malware.Win32.Gencirc.10b87932
Yandex: Trojan.GenAsa!UcCCylqaLxI
Fortinet: W32/Kryptik.GWYH!tr
AVG: Win32:Malware-gen
Cybereason: malicious.416d79
Avast: Win32:Malware-gen

How to remove Fugrafa.9624?

Fugrafa.9624 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.