About “Graftor.647558” infection

The Graftor.647558 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.647558 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Expresses interest in specific running processes
  • A process created a hidden window
  • Performs some HTTP requests
  • Executed a process and injected code into it, probably while unpacking
  • Queries information on disks for anti-virtualization via Device Information APIs
  • Code injection with CreateRemoteThread in a remote process
  • A process attempted to delay the analysis task by a long amount of time
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

edgedl.me.gvt1.com

How to identify Graftor.647558?

File Info:

crc32: 3BEEED34
md5: f5cc1d9481b083729a87c262304250ac
name: F5CC1D9481B083729A87C262304250AC.mlw
sha1: 9c964dc6f614e4b2d995660da2e98682ca7b4912
sha256: 1277d25e1c2edaaf19d89afa71c64057425c3f13914bc4d1474d7d6d76cc0628
sha512: c860ef508080bcdb296a9b9d697007fb44a86ada11276c83eb2a362b6a3d7ddbc89acbdb5ffd09af1b77ba6f4dfafe46c648f8dcd6e5607aa8d1d5e1e00edf74
ssdeep: 6144:hjz5EwxAQ5nAOpngFnhOCZUBD94JNemDJKk5nkgesTd:hJEwxAOn7grOeZJNemDJKk5nkaTd
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Graftor.647558 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0050b8a21 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.11019
Cynet: Malicious (score: 100)
CAT-QuickHeal: Backdoor.Androm.A5
ALYac: Gen:Variant.Graftor.647558
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1170683
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 0050b8a21 )
Cybereason: malicious.481b08
Cyren: W32/S-1506d0a5!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.FRCS
APEX: Malicious
Avast: Win32:Bzofiku-A [Drp]
ClamAV: Win.Packed.Zusy-7057632-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Graftor.647558
NANO-Antivirus: Trojan.Win32.Androm.enqrfn
ViRobot: Trojan.Win32.XPacker.Gen
MicroWorld-eScan: Gen:Variant.Graftor.647558
Tencent: Malware.Win32.Gencirc.10b4423c
Ad-Aware: Gen:Variant.Graftor.647558
Sophos: Mal/Generic-S
Comodo: TrojWare.Win32.Lethic.M@6wt8pn
BitDefenderTheta: AI:Packer.5569425E1F
TrendMicro: TROJ_KRYPTIK_GD17005B.UVPM
McAfee-GW-Edition: BehavesLike.Win32.Trojan.fh
FireEye: Generic.mg.f5cc1d9481b08372
Emsisoft: Gen:Variant.Graftor.647558 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor.Androm.onz
Webroot: W32.Trojan.Lethic
Avira: HEUR/AGEN.1103301
Antiy-AVL: Trojan/Win32.TSGeneric
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Graftor.647558
AhnLab-V3: Trojan/Win32.Androm.R198422
Acronis: suspicious
McAfee: Trojan-FMLV!F5CC1D9481B0
MAX: malware (ai score=83)
VBA32: BScope.Worm.Oxynoxy
Malwarebytes: Backdoor.Bot
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_KRYPTIK_GD17005B.UVPM
Rising: Trojan.Generic@ML.100 (RDML:/QGs6Yo89tb/stn5ZKlxuQ)
Yandex: Trojan.GenAsa!bMf6sIsDZnw
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Kryptik.FRAS!tr
AVG: Win32:Bzofiku-A [Drp]

How to remove Graftor.647558?

Graftor.647558 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.