How to remove “Graftor.1251”?

Many security experts consider Graftor.1251 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.1251 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Graftor.1251?


File Info:

name: 5F40DC80AD9AEA8D96F7.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2006-09-29 17:09:58

Version Info:

0: [No Data]

Graftor.1251 also known as:

Bkav               W32.AIDetect.malware2
MicroWorld-eScan   Gen:Variant.Graftor.1251
FireEye            Generic.mg.5f40dc80ad9aea8d
McAfee             Artemis!5F40DC80AD9A
Cylance            Unsafe
VIPRE              Gen:Variant.Graftor.1251
K7AntiVirus        Trojan ( 004bcce41 )
K7GW               Trojan ( 004bcce41 )
CrowdStrike        win/malicious_confidence_100% (W)
Symantec           ML.Attribute.HighConfidence
Elastic            malicious (moderate confidence)
APEX               Malicious
ClamAV             Win.Trojan.Agent-846650
Kaspersky          UDS:DangerousObject.Multi.Generic
BitDefender        Gen:Variant.Graftor.1251
Avast              Win32:Malware-gen
Ad-Aware           Gen:Variant.Graftor.1251
Emsisoft           Gen:Variant.Graftor.1251 (B)
Comodo             Packed.Win32.MUPX.Gen@24tbus
McAfee-GW-Edition  BehavesLike.Win32.Generic.lc
Trapmine           malicious.high.ml.score
Sophos             ML/PE-A + Mal/HckPk-A
SentinelOne        Static AI – Malicious PE
Jiangmin           TrojanDownloader.Exchanger.afh
Google             Detected
MAX                malware (ai score=84)
Antiy-AVL          Trojan/Generic.ASMalwS.33E
Microsoft          Trojan:Win32/Wacatac.B!ml
GData              Gen:Variant.Graftor.1251
Cynet              Malicious (score: 100)
ALYac              Gen:Variant.Graftor.1251
Malwarebytes       Malware.Heuristic.1003
Rising             Trojan.Win32.Generic.12A2E569 (C64:YzY0OguebnmGMP+V)
Ikarus             Trojan.Crypt
MaxSecure          Trojan.Malware.300983.susgen
Fortinet           W32/Graftor.5AC9!tr
AVG                Win32:Malware-gen
Cybereason         malicious.0ad9ae

How to remove Graftor.1251?

Graftor.1251 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
