Graftor.112465 information

Graftor.112465 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.112465 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Graftor.112465?


File Info:

name: 60E0E4629E433AB2F857.mlw
path: /opt/CAPEv2/storage/binaries/bc03f762272b46c71fd787b97de5778b37c17870e40e64930162cea4fa07a937
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-09-04 10:21:58

Version Info:

CompanyName: Solutionphrase Inc.
FileDescription: Solutionphrase Raisehistory
FileVersion: 2.0.201.576 way
InternalName: thousand.exe
LegalCopyright: © Solutionphrase. All rights reserved.
OriginalFilename: thousand.exe
ProductName: Solutionphrase Raisehistory
ProductVersion: 2.0.201.576
WWW: http://www.baseagree.de
Translation: 0x0400 0x04e4

Graftor.112465 also known as:

Bkav: W32.Common.58EE1502
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.112465
FireEye: Generic.mg.60e0e4629e433ab2
ALYac: Gen:Variant.Graftor.112465
Cylance: Unsafe
Sangfor: Trojan.Win32.Yakes.40448011
K7AntiVirus: Spyware ( 0055e3db1 )
K7GW: Spyware ( 0055e3db1 )
Cybereason: malicious.29e433
VirIT: Trojan.Win32.Zyx.XL
Cyren: W32/A-2e2d1119!Eldorado
tehtris: Generic.Malware
ESET-NOD32: Win32/Spy.Zbot.AAU
APEX: Malicious
ClamAV: Win.Trojan.Zbot-61832
Kaspersky: Trojan-Spy.Win32.Zbot.xdrt
BitDefender: Gen:Variant.Graftor.112465
NANO-Antivirus: Trojan.Win32.Yakes.creujb
SUPERAntiSpyware: Trojan.Agent/Gen-Graftor
Avast: Win32:Zbot-RUS [Trj]
Tencent: Malware.Win32.Gencirc.10b82c9a
Ad-Aware: Gen:Variant.Graftor.112465
Emsisoft: Gen:Variant.Graftor.112465 (B)
Comodo: TrojWare.Win32.Agent.DENJ@52iw05
DrWeb: Trojan.PWS.Panda.4379
Zillya: Trojan.Yakes.Win32.17275
McAfee-GW-Edition: PWSZbot-FDN!60E0E4629E43
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A + Troj/Zbot-GFC
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Graftor.112465
Jiangmin: Trojan/Yakes.lhj
Webroot: W32.Malware.Gen
Avira: TR/Yakes.40448011
MAX: malware (ai score=87)
ViRobot: Trojan.Win32.Zbot.404480.A
Microsoft: PWS:Win32/Zbot
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R82207
Acronis: suspicious
McAfee: PWSZbot-FDN!60E0E4629E43
TACHYON: Trojan/W32.Yakes.404480.B
VBA32: Trojan.Yakes
Rising: Trojan.Generic@AI.90 (RDML:D0+OsGpjvulpwU2kd35fyQ)
Yandex: Trojan.GenAsa!lDz2N+8WRkU
Ikarus: Trojan.Win32.Yakes
MaxSecure: Trojan.Malware.6343825.susgen
Fortinet: W32/KRYPTIK.PDA!tr
BitDefenderTheta: Gen:NN.ZexaF.34742.yq0@aSk04CaG
AVG: Win32:Zbot-RUS [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Graftor.112465?

Graftor.112465 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
