Should I remove “Graftor.597582 (B)”?

Malware Removal

Graftor.597582 (B) is flagged as malicious by a large number of antivirus engines (the detection names are listed below). When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can Graftor.597582 (B) do?

The following behaviours and static properties were recorded by the CAPE sandbox for this sample:

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the EnigmaStub malware family
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Graftor.597582 (B)?

File Info:

name: 1172E9C3857FFDB1B6FB.mlw
path: /opt/CAPEv2/storage/binaries/3798fa5130eeeef52dc5e591333a2caa8234afb508bba5f5d886a3803bcc7f98
crc32: 4A8FF95D
md5: 1172e9c3857ffdb1b6fba3115a57f263
sha1: ff44710f438c3d3abaf82a110a40f6272f49541e
sha256: 3798fa5130eeeef52dc5e591333a2caa8234afb508bba5f5d886a3803bcc7f98
sha512: 45b2f2d36752f3557ccecf52041edc74ceb9d88f5f63b75347afeb6c0f0ba859eb1925774465e34792f54995bd81b872f98e6d36d4fbb207a101e15c3962c21c
ssdeep: 49152:1SZrnYec+Ia9TBxk0DVhP3ELjjzP1oTCQDy2oRutLjZnvgdo0M:1SZbtN5hPcvhozpvgG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F06F111F6E3C0B6DDA6157E0F86A62522B2FD204B70EBC7A2E5370D9EF41D2193A345
sha3_384: d2fc927917eb695d1d25602abffcabf5134bc607b5141e668ffadb6a6c619b01d1708542b5c2546da2d1f053ff1e5b20
ep_bytes: eb0800b403000000000060e800000000
timestamp: 2004-08-04 05:58:28
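As an added example (not code from this page, from GridinSoft or from CAPE), the following Python script reproduces the checks a practitioner would run to identify this sample: it compares a file's hashes against the MD5, SHA-1 and SHA-256 values above, reads the PE section table to flag unknown section names and high-entropy (likely packed or encrypted) sections, measures overlay data appended past the last section, and extracts the 16 entry-point bytes for comparison with the ep_bytes field. It covers both the sandbox signatures listed under "What can Graftor.597582 (B) do?" and the File Info block, and uses only the standard library. Because the real sample is not included, it builds a small constructed PE (build_pe) whose .text section starts with the report's entry-point bytes and whose second section name, .enigma1, is chosen for the demonstration; to scan a real file, pass its contents to triage().

```python
"""Static triage of a PE file against the indicators in the report above.
Added example, not GridinSoft's or CAPE's code; standard library only."""
import hashlib
import math
import struct
from datetime import datetime, timezone

# Indicators copied from the report's "File Info" block.
REPORT_HASHES = {
    "md5": "1172e9c3857ffdb1b6fba3115a57f263",
    "sha1": "ff44710f438c3d3abaf82a110a40f6272f49541e",
    "sha256": "3798fa5130eeeef52dc5e591333a2caa8234afb508bba5f5d886a3803bcc7f98",
}
REPORT_EP_BYTES = "eb0800b403000000000060e800000000"

# Section names a stock compiler build normally carries; anything else is
# reported, the same heuristic behind CAPE's "unknown PE section name" signature.
KNOWN_SECTION_NAMES = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc",
                       ".reloc", ".bss", ".tls", ".pdata", ".CRT", "CODE", "DATA", "BSS"}
HIGH_ENTROPY = 7.0  # bits per byte; packed or encrypted data sits close to 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def hash_matches(data: bytes) -> set:
    """Names of the report hashes that these bytes reproduce."""
    return {alg for alg, digest in REPORT_HASHES.items()
            if hashlib.new(alg, data).hexdigest() == digest}


def triage(data: bytes) -> dict:
    """Parse the PE headers and evaluate the static checks from the report."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint
    sections, ep_bytes, end_of_image = [], "", 0
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        raw_name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, off)
        name = raw_name.rstrip(b"\0").decode("latin-1")
        body = data[rawptr:rawptr + rawsize]
        sections.append({"name": name, "entropy": round(shannon_entropy(body), 3),
                         "unknown_name": name not in KNOWN_SECTION_NAMES})
        end_of_image = max(end_of_image, rawptr + rawsize)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            ep_off = entry_rva - vaddr + rawptr  # RVA -> file offset
            ep_bytes = data[ep_off:ep_off + 16].hex()
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes,
        "ep_matches_report": ep_bytes == REPORT_EP_BYTES,
        "sections": sections,
        "unknown_sections": [s["name"] for s in sections if s["unknown_name"]],
        "high_entropy_sections": [s["name"] for s in sections if s["entropy"] >= HIGH_ENTROPY],
        "overlay_size": max(0, len(data) - end_of_image),  # bytes past the last section
        "hash_matches": sorted(hash_matches(data)),
    }


def build_pe(sections, entry_rva, timestamp, overlay=b"") -> bytes:
    """Build a minimal PE32 image as constructed test input (not a real sample).
    sections: list of (name, virtual_address, raw_bytes)."""
    opt_size = 224  # PE32 optional header size
    headers = 64 + 4 + 20 + opt_size + 40 * len(sections)
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), timestamp, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)
    table, body, raw = b"", b"", headers
    for name, vaddr, payload in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             len(payload), vaddr, len(payload), raw, 0, 0, 0, 0, 0x60000020)
        body += payload
        raw += len(payload)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table + body + overlay


# Constructed sample: .text starts with the report's entry-point bytes, a
# packer-style section (name chosen for the demo) holds uniformly distributed
# bytes, and seven bytes of overlay follow the last section.
SAMPLE_TS = int(datetime(2004, 8, 4, 5, 58, 28, tzinfo=timezone.utc).timestamp())
SAMPLE = build_pe(
    [(".text", 0x1000, bytes.fromhex(REPORT_EP_BYTES) + b"\0" * 240),
     (".enigma1", 0x2000, bytes(range(256)) * 4)],
    entry_rva=0x1000, timestamp=SAMPLE_TS, overlay=b"OVERLAY")

if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE), indent=2))
```

On the constructed sample the script reports ep_matches_report as true, .enigma1 as both an unknown and a high-entropy section, a seven-byte overlay and no hash match. A file that reproduces all three report hashes is this sample regardless of what its version resource claims; a file that only shares the entry-point bytes or the section layout is merely worth a closer look.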

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft (R) Address Book Import Tool
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: WABMIG.EXE
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: WABMIG.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.00.2900.2180
Translation: 0x0409 0x04b0

These version strings are resource data under the file author's control, not proof of origin. They describe the Windows XP SP2 Address Book Import Tool, but the sandbox reports the Authenticode signature as invalid and several engines below name the Virut/Shohdi file infector, so the Microsoft branding should not be trusted; verify the signature chain rather than the version resource.

Graftor.597582 (B) is also detected under the following names (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Shohdi.i!c
AVG: Win32:Evo-gen [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.597582
FireEye: Generic.mg.1172e9c3857ffdb1
Skyhigh: BehavesLike.Win32.Generic.wc
McAfee: Artemis!1172E9C3857F
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 005376ae1 )
Alibaba: Trojan:Win32/Enigma.bc9d11ee
K7GW: Trojan ( 005376ae1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.36802.OF3@aSMaThji
VirIT: Win32.Shohdi.A
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win64/Packed.Enigma.CE
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: BC.Win.Virus.Virut-7001009-0
Kaspersky: UDS:Trojan-PSW.Win32.Ruftar
BitDefender: Gen:Variant.Graftor.597582
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Dropper.Fdhl
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Win32.Virut.56
VIPRE: Gen:Variant.Graftor.597582
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Graftor.597582 (B)
SentinelOne: Static AI – Malicious PE
Varist: W32/Virut.CE.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Virus/Win32.Shohdi.b
Kingsoft: Win32.HeurC.KVMH015.a
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Trojan.Graftor.D91E4E [many]
Google: Detected
VBA32: Trojan.Fuery
ALYac: Gen:Variant.Graftor.597582
MAX: malware (ai score=82)
Cylance: unsafe
Rising: Virus.Shodi!1.9B9C (CLASSIC)
Yandex: Trojan.GenAsa!Z1dtqm+03ME
Ikarus: Trojan.Win64.Enigma
MaxSecure: virus.shohdi.i
Zoner: Probably Heur.ExeHeaderL
Cybereason: malicious.3857ff
DeepInstinct: MALICIOUS

How to remove Graftor.597582 (B)?

Graftor.597582 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.