Graftor.270905 (B) removal tips

Graftor.270905 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Graftor.270905 (B) virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Sniffs keystrokes
  • Executed a process and injected code into it, probably while unpacking
  • Detects Sandboxie through the presence of a library
  • Code injection with CreateRemoteThread in a remote process
  • Creates a hidden or system file
  • Likely virus infection of existing system binary
  • Checks for the presence of known devices from debuggers and forensic tools
  • Creates a copy of itself
  • Creates known SpyNet mutexes and/or registry changes
  • Anomalous binary characteristics

Related domains:

lameranonimo.duckdns.org

How to identify Graftor.270905 (B)?

File Info:

crc32: 4C1066BB
md5: 9bb4084e1e0697fcfced32c8a24a6b49
name: 9BB4084E1E0697FCFCED32C8A24A6B49.mlw
sha1: 4cd6d13fd8b7d2022ef2253cdb5a77c88115ccbf
sha256: 32d851d0587e410c02e68e3424203208291be6a9bb71941fca0a1d65c5f7e564
sha512: d30fbc0f79cb876c8eee11dee46b22d663c45c05da0affb03e031b20f8a48f5b76ae77de63e08588ef8d4d69b74a6532aaa4e34566b6e20ec957f973e20038af
ssdeep: 6144:C0MeSTGV+0VBXrptgsWOYrWbEmHW8UpqqkLV/LHC9Ax23IMAJQPK:CQVzXptfAEE6vXNLHCc2YdJ8K
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: STUB
FileVersion: 1.00
CompanyName: Microsoft
ProductName: STUB
ProductVersion: 1.00
OriginalFilename: STUB.exe

Graftor.270905 (B) also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0049be171 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop3.6111
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Graftor.270905
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.1011116
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Injector.5a00b14e
K7GW: Trojan ( 0049be171 )
Cybereason: malicious.e1e069
Cyren: W32/Trojan.MJAF-5979
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.BGEI
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Zusy-6952025-0
Kaspersky: UDS:Trojan.Win32.Llac
BitDefender: Gen:Variant.Graftor.270905
SUPERAntiSpyware: Trojan.Agent/Gen-FakeAlert
MicroWorld-eScan: Gen:Variant.Graftor.270905
Tencent: Win32.Trojan.Dropper.Hwwi
Ad-Aware: Gen:Variant.Graftor.270905
Sophos: ML/PE-A
BitDefenderTheta: AI:Packer.A4C35C5320
TrendMicro: TROJ_GEN.R005C0WFI21
McAfee-GW-Edition: BehavesLike.Win32.Rontokbro.fc
FireEye: Generic.mg.9bb4084e1e0697fc
Emsisoft: Gen:Variant.Graftor.270905 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.PSW.Tepfer.mpr
Avira: TR/Dropper.Gen
eGambit: Unsafe.AI_Score_98%
Antiy-AVL: Trojan/Generic.ASMalwS.3386B23
Microsoft: Trojan:Win32/Wacatac.B!ml
Gridinsoft: Trojan.Win32.Agent.oa!s1
GData: Gen:Variant.Graftor.270905
AhnLab-V3: Trojan/Win32.Agent.C908078
McAfee: Artemis!9BB4084E1E06
MAX: malware (ai score=84)
VBA32: Malware-Cryptor.VB.gen.1
Malwarebytes: Malware.AI.2587904739
TrendMicro-HouseCall: TROJ_GEN.R005C0WFI21
Yandex: Trojan.Injector!55fZmDgA370
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Injector.CLDS!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Graftor.270905 (B)?

Graftor.270905 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.