Graftor.224003 information

The Graftor.224003 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Graftor.224003 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Graftor.224003?
File Info:

name: BD467B1CB11E90386586.mlw
path: /opt/CAPEv2/storage/binaries/2a630e4e456a802c08ac7743f3f616ff7b3e48750496d05535f3634a2f0705bf
crc32: 4709F8C9
md5: bd467b1cb11e903865862872ff02f5e0
sha1: a88c8916247bc855ba6bcb1fa987a5276dd53a28
sha256: 2a630e4e456a802c08ac7743f3f616ff7b3e48750496d05535f3634a2f0705bf
sha512: 985e28156052716c56053db84fff9d96ef38086d5dbdeac3062d113356cfdd124d55d52808d787aaa5685753d11ee9f4e719aca651ec83dbbc81de0c6a075904
ssdeep: 6144:Z71TnTgmJ646I9zL5V6OpuhQw4Emc85CdSvCgcrXV:Z71TnUa/9ZVVwbjF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10794C477344455F2F43D5BF12BC6AAB65AEE6E7B1CC0089527DC32F9A476220819C22F
sha3_384: dff2d639515f06f39581347f2258c79d0f515edddff1ae90d6ee44d2483f458969ffb0479eb25da3b5c2de23f203b3e3
ep_bytes: e8204e0000e989feffffc70188f54000
timestamp: 2015-06-20 21:21:26

Version Info:

Comments: Wifi Protector scans all the wi-fi networks you use on regular basis for any security problems and helps to protect you online.
CompanyName: Optimal Software s.r.o.
FileDescription: WiFi Protector Launcher
FileVersion: 3.3.34.276
InternalName: wifiProtLauncher
LegalCopyright: Copyright © 2009-2015 Optimal Software s.r.o. All rights reserved.
OriginalFilename: wifiProtLauncher.exe
ProductName: WiFi Protector
ProductVersion: 3.3.34.276
Translation: 0x0409 0x04b0

Graftor.224003 also known as:

Lionic: Trojan.Win32.Inject.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.224003
CAT-QuickHeal: Trojan.Generic.B4
Skyhigh: BehavesLike.Win32.Infected.gh
McAfee: GenericR-DVQ!BD467B1CB11E
Cylance: unsafe
VIPRE: Gen:Variant.Graftor.224003
Sangfor: Trojan.Win32.Zbot.rfn
K7AntiVirus: Spyware ( 004a08e61 )
Alibaba: TrojanSpy:Win32/TeslaCrypt.3a558ae2
K7GW: Spyware ( 004a08e61 )
Cybereason: malicious.6247bc
VirIT: Trojan.Win32.Zbot.AEDQ
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.ACB
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Graftor.224003
NANO-Antivirus: Trojan.Win32.TrjGen.dtedbc
Avast: Win32:TeslaCrypt-GY [Trj]
Rising: Spyware.Zbot!8.16B (TFE:1:BuiweNwnFuE)
Emsisoft: Gen:Variant.Graftor.224003 (B)
F-Secure: Heuristic.HEUR/AGEN.1310247
DrWeb: Trojan.Siggen6.39949
Zillya: Trojan.Zbot.Win32.182457
TrendMicro: TSPY_ZBOT_EI21009C.UVPB
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.bd467b1cb11e9038
Sophos: ML/PE-A
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Inject.bcqb
Webroot: Trojan.Dropper.Gen
Google: Detected
Avira: HEUR/AGEN.1310247
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.SGeneric
Microsoft: PWS:Win32/Zbot!rfn
Xcitium: TrojWare.Win32.Cerber.AV@6ffira
Arcabit: Trojan.Graftor.D36B03
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Graftor.224003
VBA32: Trojan.Inject
ALYac: Gen:Variant.Graftor.224003
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TSPY_ZBOT_EI21009C.UVPB
Tencent: Malware.Win32.Gencirc.10ba2122
Yandex: TrojanSpy.Zbot!+AtvjVeTYuI
Ikarus: Trojan-Spy.Agent
Fortinet: W32/Generic.AC.1B2F6B!tr
BitDefenderTheta: Gen:NN.ZexaF.36744.BC0@aK84boni
AVG: Win32:TeslaCrypt-GY [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Graftor.224003?

Graftor.224003 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.