Categories: Malware

What is “Graftor.140871”?

Graftor.140871 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the Graftor.140871 virus do?

  • Sample contains Overlay data
  • Unconventional language used in binary resources: Arabic (Kuwait)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Graftor.140871?

File Info:

  • name: C25E96DA48C33565ABF1.mlw
  • path: /opt/CAPEv2/storage/binaries/7b459f8f5752a869751bf708d09c549989036d566bac50161713984db3fc0cee
  • crc32: 04849847
  • md5: c25e96da48c33565abf1a576f581fade
  • sha1: 0b41c1c133901fb8b9c02ebd552c29c3b1d359df
  • sha256: 7b459f8f5752a869751bf708d09c549989036d566bac50161713984db3fc0cee
  • sha512: a1d598316e308c541c1051fd600571ec26248b16e96948864007519676fb7c203d7f0c696996837ff93d7eb9e442b2faa2cd5186703297194aca511b01316eb7
  • ssdeep: 24576:darq7rYoL8cxCpsp4kbHtRl7hKz43betcmT9ca60Tj4c71//Wre/kb2+XCCB2t:v8cumtX7HbetYr0Xb71/uC/pCB2t
  • type: PE32 executable (GUI) Intel 80386, for MS Windows
  • tlsh: T10E75E026E25384B6DD7F06F158573A6ADB21DA1DC020A48FA7584C25EFF3D00B9AF631
  • sha3_384: 38235796f657b1e557dc88400d522dfd33471e5f9ce029845dcb1f795949931d36db62d041418b3ecd413502b9c017b5
  • ep_bytes: 5589e583ec18c7042402000000ff15fc
  • timestamp: 2014-04-24 17:14:07

Version Info:

  • Translation: 0x0000 0x04b0
  • Comments: VLC media player 2.1.3
  • CompanyName: VideoLAN
  • FileDescription: vlc
  • FileVersion: 2.1.3.0
  • InternalName: temp.exe
  • LegalCopyright: Copyright © 1996-2014 VideoLAN and VLC Authors
  • LegalTrademarks: VLC media player, VideoLAN and x264 are registered trademarks from VideoLAN
  • OriginalFilename: temp.exe
  • ProductName: VLC media player
  • ProductVersion: 2.1.3.0
  • Assembly Version: 0.0.0.0

Graftor.140871 also known as:

Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Graftor.140871
FireEye Generic.mg.c25e96da48c33565
CAT-QuickHeal TrojanPWS.Zbot.Gen
ALYac Gen:Variant.Graftor.140871
Cylance Unsafe
VIPRE Gen:Variant.Graftor.140871
K7AntiVirus Trojan ( 0055e3991 )
K7GW Trojan ( 0055e3991 )
Cybereason malicious.a48c33
VirIT Trojan.Win32.Inject2.ABYU
Cyren W32/Trojan.WAJF-1511
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Injector.BAGA
APEX Malicious
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan-Spy.Win32.Zbot.gen
BitDefender Gen:Variant.Graftor.140871
NANO-Antivirus Trojan.Win32.BAGA.cwzkiv
Avast Win32:Evo-gen [Trj]
Tencent Win32.Trojan-Spy.Zbot.Ytjl
Ad-Aware Gen:Variant.Graftor.140871
Sophos Troj/Zbot-IEB
Comodo Malware@#1vksn1rci37dq
F-Secure Heuristic.HEUR/AGEN.1231707
DrWeb Trojan.Siggen6.16111
Zillya Trojan.Injector.Win32.231209
TrendMicro TROJ_WONTON.SM
McAfee-GW-Edition PWSZbot-FAWT!C25E96DA48C3
Emsisoft Gen:Variant.Graftor.140871 (B)
Jiangmin Trojan/Generic.azpix
Avira HEUR/AGEN.1231707
Antiy-AVL Trojan/Win32.AGeneric
Microsoft Backdoor:Win32/Xtrat.A
Arcabit Trojan.Graftor.D22647
ZoneAlarm HEUR:Trojan-Spy.Win32.Zbot.gen
GData Gen:Variant.Graftor.140871
Google Detected
AhnLab-V3 Trojan/Win32.Zbot.R103787
McAfee PWSZbot-FAWT!C25E96DA48C3
MAX malware (ai score=84)
VBA32 BScope.Trojan.Packed
TrendMicro-HouseCall TROJ_WONTON.SM
Rising Malware.Undefined!8.C (TFE:5:kC8Hf8Yhsx)
Yandex Trojan.Agent!xzFs8s8jIPQ
Ikarus Trojan.Inject2
Fortinet W32/Injector.BAGA!tr
BitDefenderTheta Gen:NN.ZexaE.34646.H93@a0TXBAdG
AVG Win32:Evo-gen [Trj]
Panda Trj/Genetic.gen
CrowdStrike win/malicious_confidence_70% (W)

How to remove Graftor.140871?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
