Graftor.715300 removal tips

Graftor.715300 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.715300 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Loads a driver
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Turkish
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Graftor.715300?

File Info:

crc32: D10EBD2D
md5: 64cd5e8a00f7ebb8a0db8dde0f30e920
name: 64CD5E8A00F7EBB8A0DB8DDE0F30E920.mlw
sha1: 6f517e7cae80082facaca04ee779a3608c0ba62c
sha256: ad8bb6a26ffb2234855a89f214ac91cc98c8e53910a181f7cf9828062a734c03
sha512: ad58be22df9fad71ed3fc76da125f27c6c0e1c24144b924fbfcaf0313f8223b2850f1bb15909af49dd950e020c283cb40523379d195099759533af7b2d53ebb1
ssdeep: 6144:KRjbUHOvGUNIE/FDjBazqjWgR+MSEtvlZTONpRGX5B4PY3mA0O0Gp8NhV5+odle:Sjbh9tDjiuT+xEtl0u4w3mAZyFdc
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2005 Macrovision Corporation
InternalName: Setup
FileVersion: 11.00.28844
CompanyName: Macrovision Corporation
ProductName: InstallShield (R)
OLESelfRegister:
ProductVersion: 11.00
FileDescription: Setup.exe
OriginalFilename: Setup.exe
Translation: 0x0409 0x04b0

Graftor.715300 also known as:

MicroWorld-eScan: Gen:Variant.Graftor.715300
CAT-QuickHeal: Backdoor.FarfliRI.S8943025
Qihoo-360: Win32/Backdoor.32d
McAfee: Trojan-FRMW!64CD5E8A00F7
Cylance: Unsafe
Zillya: Trojan.GenKryptik.Win32.38436
CrowdStrike: win/malicious_confidence_60% (D)
K7GW: Trojan ( 0055a5d81 )
K7AntiVirus: Trojan ( 0055a5d81 )
ESET-NOD32: a variant of Win32/GenKryptik.DWFX
APEX: Malicious
Avast: Win32:BackdoorX-gen [Trj]
Kaspersky: HEUR:Backdoor.Win32.Farfli.vho
BitDefender: Gen:Variant.Graftor.715300
NANO-Antivirus: Trojan.Win32.Farfli.gethzp
Rising: Backdoor.Farfli!8.B4 (RDMK:cmRtazonoTIl5ia/OxGeBst7J53q)
Ad-Aware: Gen:Variant.Graftor.715300
Emsisoft: Gen:Variant.Graftor.715300 (B)
F-Secure: Trojan.TR/Kryptik.nuujq
DrWeb: Trojan.Siggen8.59182
VIPRE: Trojan.Win32.Generic.pak!cobra
Invincea: heuristic
McAfee-GW-Edition: Trojan-FRMW!64CD5E8A00F7
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.64cd5e8a00f7ebb8
Cyren: W32/Agent.BOB.gen!Eldorado
Jiangmin: Heur:TrojanDropper.TDSS
Avira: TR/Kryptik.nuujq
Fortinet: W32/Generic.AP.1EEA56A!tr
Endgame: malicious (high confidence)
Arcabit: Trojan.Graftor.DAEA24
ZoneAlarm: HEUR:Backdoor.Win32.Farfli.vho
Microsoft: Trojan:Win32/GhostRAT.AA!MTB
AhnLab-V3: Trojan/Win32.RL_Farfli.R299612
Acronis: suspicious
VBA32: Backdoor.Farfli
ALYac: Gen:Variant.Ulise.84461
MAX: malware (ai score=85)
Malwarebytes: Backdoor.Ghost
Tencent: Malware.Win32.Gencirc.10b9d486
Yandex: Backdoor.Farfli!4wdSqoOHZBo
SentinelOne: DFI – Malicious PE
eGambit: PE.Heur.InvalidSig
GData: Gen:Variant.Graftor.715300
BitDefenderTheta: Gen:NN.ZexaF.34108.zm1@aeFjFUzP
AVG: Win32:BackdoorX-gen [Trj]
MaxSecure: Trojan.Malware.74702528.susgen

How to remove Graftor.715300?

Graftor.715300 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.