Graftor.643745 (file analysis)

Graftor.643745 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Graftor.643745 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Graftor.643745?

File Info:

name: 29F642EC9D5AC91A6E90.mlw
path: /opt/CAPEv2/storage/binaries/572daafce025b9f9daafcc398ecf636896f014bf7224ce2cda93b02277400622
crc32: 7152F0E1
md5: 29f642ec9d5ac91a6e90854dba81e9ae
sha1: 58044f6c4e82496b1bebd28488dc4b60140f6c76
sha256: 572daafce025b9f9daafcc398ecf636896f014bf7224ce2cda93b02277400622
sha512: 0405485f1e043d82b0730ab3c6c9a02a9ad5330d2c7e9f46ed3e83435329ff74bbc2d698bae0de3daaa73536bd91a94d85aa697d0eb72584e710804d6d4ca3f7
ssdeep: 3072:5f3I7DNWTdNgSnVuuNY/cqrS+mBae0wGm24GMrBP:5f3YoTxnkm4cq2r3X26P
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T10AC36C57B3A034F9E063C77489B10B18EBB1B57106B09B5F43A449A64F773D18E2AB36
sha3_384: f83ff8dbec3573ada84eae7819a2627e145911c64012acf0e25effceb4e3693c5dedbc04ee44d4a86234e843ff2fed43
ep_bytes: 4883ec28e8c73000004883c428e936fe
timestamp: 2016-02-11 00:25:25

Version Info:

Comments:
LegalCopyright: License: MPL 2
CompanyName: Mozilla Foundation
FileDescription:
FileVersion: 44.0.2
ProductVersion: 44.0.2
InternalName:
LegalTrademarks: Mozilla
OriginalFilename: wow_helper.exe
ProductName: Firefox
BuildID: 20160210153822
Translation: 0x0000 0x04b0

Graftor.643745 is also known as (vendor: detection name):

  • DrWeb: Trojan.BtcMine.1759
  • MicroWorld-eScan: Gen:Variant.Graftor.643745
  • ALYac: Gen:Variant.Graftor.643745
  • Alibaba: Virus:Win32/OnLineGames.1fbf6914
  • Cybereason: malicious.c9d5ac
  • Cyren: W32/CoinMiner.CJ.gen!Eldorado
  • Symantec: Trojan.Gen.MBT
  • BitDefender: Gen:Variant.Graftor.643745
  • Avast: Win64:Malware-gen
  • McAfee-GW-Edition: Artemis!Trojan
  • FireEye: Gen:Variant.Graftor.643745
  • Emsisoft: Gen:Variant.Graftor.643745 (B)
  • GData: Gen:Variant.Graftor.643745
  • Avira: HEUR/AGEN.1141404
  • Arcabit: Trojan.Graftor.D9D2A1
  • Microsoft: Trojan:Win32/Sabsik.TE.B!ml
  • McAfee: Artemis!29F642EC9D5A
  • MAX: malware (ai score=84)
  • Malwarebytes: Malware.AI.3053515240
  • TrendMicro-HouseCall: TROJ_GEN.R002H0CKR21
  • Rising: Trojan.Kryptik!1.B3E8 (CLASSIC)
  • Ikarus: Virus.Win32.OnLineGames.BFT
  • Fortinet: W32/Ipamor.858F!tr
  • AVG: Win64:Malware-gen

How to remove Graftor.643745?

Graftor.643745 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.