Graftor.713914 (file analysis)

Malware Removal

Graftor.713914 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the TRIAL period.

What can the Graftor.713914 virus do?

  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX

Related domains:

2398.35go.net
infoc0.duba.net
dubacdn.cmcmcdn.com
www.baidu.com
config.i.duba.net

How to determine Graftor.713914?


File Info:

name: wechat_________.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright (C) 1998-2019 Kingsoft Corporation
InternalName: KInstallTool
FileVersion: 2019,11,18,23215
CompanyName: Kingsoft Corporation
ProductName: BUyaox3a4
ProductVersion: 9,3,360915,23215
FileDescription: Kingsoft Security - 安装程序
OriginalFilename: KInstallTool.exe
Translation: 0x0000 0x04b0

Graftor.713914 also known as:

MicroWorld-eScan: Gen:Variant.Graftor.713914
FireEye: Gen:Variant.Graftor.713914
McAfee: Artemis!5AB2CEF9D9BF
Cylance: Unsafe
BitDefender: Gen:Variant.Graftor.713914
TotalDefense: Win32/PackedTCQQ
Avast: Win32:Malware-gen
GData: Gen:Variant.Graftor.713914
NANO-Antivirus: Trojan.Win32.KingSoft.gkjlir
DrWeb: Trojan.DownLoader30.44326
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Gen:Variant.Graftor.713914 (B)
Cyren: W32/Trojan.SYPE-8451
Jiangmin: Trojan.MSIL.nstp
Antiy-AVL: GrayWare/Win32.Presenoker
Endgame: malicious (moderate confidence)
MAX: malware (ai score=88)
VBA32: BScope.Adware.Presenoker
ESET-NOD32: a variant of Win32/KingSoft.B potentially unwanted
SentinelOne: DFI – Suspicious PE
Fortinet: Riskware/KingSoft
AVG: Win32:Malware-gen

How to remove Graftor.713914?

Graftor.713914 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.
