Graftor.264062 (file analysis)

Graftor.264062 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.264062 virus do?

  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Graftor.264062?


File Info:

crc32: BC8481D2
md5: 813d772542b3cca29d770dd6009613f4
name: 813D772542B3CCA29D770DD6009613F4.mlw
sha1: 1a0b52a3bd4534b22a77bac15a244bdeadea0aed
sha256: 2ec977bd72a853ce683fb2fcbf68580e84a720676caf203b91ad5d1c5a31cbdc
sha512: 50b9e7f212df036b3edea0c85f02d9e2afdeb4aceae3d1dbb57cf61a1323e9284f41a61963bf96009e02b6f2d3bd4b2b3eaca8ab7948dd09670aa7e2a7a13a2f
ssdeep: 1536:MH/BaLgZmckPxiTChG37cjxhGvzcjEHcSfxaTOpwDN/5cw/JruSWTQ9Nhq0F3lV:ZDckPxiTC43Yjx4vwjEHcSfxaT5NRPJ
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright ? 2004-2020 Lenovo China
InternalName: version
FileVersion: 1, 0, 0, 28
CompanyName: Mindjet
Comments: x6fc0x6d3bMindjet MindManager 2019(x86) 19.0.290
ProductName: version
ProductVersion: 1, 0, 0, 28
FileDescription: 激活密匙：MP19-999-AP98-6339-2558
OriginalFilename: version.dll
Translation: 0x0804 0x04b0

Graftor.264062 also known as:

Lionic: Trojan.Win32.Ursu.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Gamania.34950
CAT-QuickHeal: Trojan.MauvaiseRI.S5242410
ALYac: Gen:Variant.Graftor.264062
Cylance: Unsafe
Zillya: Trojan.Hijacker.Win32.440
CrowdStrike: win/malicious_confidence_80% (D)
Alibaba: Trojan:Win32/Hijacker.ed42c1a2
K7GW: Trojan ( 004d88821 )
K7AntiVirus: Trojan ( 004d88821 )
Cyren: W32/Hijacker.BHRF-1737
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Hijacker.O
Zoner: Trojan.Win32.86612
APEX: Malicious
Avast: FileRepMalware
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Graftor.264062
NANO-Antivirus: Trojan.Win32.Gamania.dyxgwy
MicroWorld-eScan: Gen:Variant.Graftor.264062
Tencent: Malware.Win32.Gencirc.10b3a7ab
Ad-Aware: Gen:Variant.Graftor.264062
Sophos: Mal/Generic-S
Comodo: Malware@#3acqpvyqu6gyg
BitDefenderTheta: Gen:NN.ZedlaF.34170.fy8@a0aut7gb
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Dropper.mc
FireEye: Generic.mg.813d772542b3cca2
Emsisoft: Gen:Variant.Graftor.264062 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Hijacker.g
Avira: TR/Crypt.ZPACK.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.174A7A2
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Tnega!ml
Gridinsoft: Trojan.Win32.Agent.oa!s1
GData: Gen:Variant.Graftor.264062
TACHYON: Trojan/W32.Forwarded.Gen
AhnLab-V3: Trojan/Win32.Dynamer.C2313339
McAfee: GenericRXHX-SC!813D772542B3
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.3031886999
Panda: Trj/CI.A
Rising: Trojan.Generic@ML.99 (RDMK:38PtlLOunxgCw8qV3c2cBw)
Yandex: Trojan.GenAsa!MvXFPAt57mc
Ikarus: Trojan.Win32.Hijacker
Fortinet: W32/Hijacker.J!tr
AVG: FileRepMalware
Paloalto: generic.ml

How to remove Graftor.264062?

Graftor.264062 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
