Graftor.721460 malicious file

Graftor.721460 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.721460 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • Attempts to delete volume shadow copies
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Graftor.721460?


File Info:

crc32: 28F19F8B
md5: d0b0abcc7da57a45754dc51f82b895b9
name: D0B0ABCC7DA57A45754DC51F82B895B9.mlw
sha1: 083c1f07e0402262a9fa89842b0e23830baf3411
sha256: 5eed0a3f19bc534676261103f79423a9df962d7734d284d3925733b6eefa5e81
sha512: b4654c646e6e465ceb4336bd1f3002bbd2d347ad6cf87d7dcedfb1d051839e58695c57e271061b57107af35374f017badaeb56dd43a3a54e92a0ec7f14b9e27f
ssdeep: 24576:Ay9MHihqN5G2+Q5JJss/aZuW22yfA2xXezKZCfR3aAglyTY/imvWM5TXcylGK3x:vjK9im+M5TXcyEK3xX
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: O&K Software Ltd. 2006-2014 (c)
InternalName: Gender countbygender Remain
FileVersion: 7.7.9.5
CompanyName: O&K Software Ltd.
PrivateBuild: 7.7.9.5
LegalTrademarks: O&K Software Ltd. 2006-2014 (c)
ProductName: Gender countbygender Remain
Languages: English
ProductVersion: 7.7.9.5
FileDescription: Repackage Synchandler Vserver Elevated Getdinners
OriginalFilename: Gender countbygender Remain
Translation: 0x0409 0x04b0

Graftor.721460 also known as:

K7AntiVirus: Trojan ( 005631871 )
Lionic: Trojan.Win32.Dropback.b!c
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop11.51565
ALYac: Gen:Variant.Graftor.721460
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1966082
Sangfor: Trojan.Win32.Occamy.C
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDropper:Win32/Dropback.1f73fbbe
K7GW: Trojan ( 005631871 )
Cybereason: malicious.c7da57
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HCDN
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: Trojan-Dropper.Win32.Dropback.ji
BitDefender: Gen:Variant.Graftor.721460
NANO-Antivirus: Trojan.Win32.Dropback.hghgox
MicroWorld-eScan: Gen:Variant.Graftor.721460
Tencent: Win32.Trojan-dropper.Dropback.Wqmi
Ad-Aware: Gen:Variant.Graftor.721460
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Mal_HPGen-37b
McAfee-GW-Edition: BehavesLike.Win32.Dropper.th
FireEye: Gen:Variant.Graftor.721460
Emsisoft: Gen:Variant.Graftor.721460 (B)
Webroot: W32.Trojan.Gen
Avira: TR/AD.Crysis.paztv
Antiy-AVL: Trojan/Generic.ASMalwS.3021430
Microsoft: Trojan:Win32/Occamy.C
GData: Gen:Variant.Graftor.721460
McAfee: GenericRXKD-YD!D0B0ABCC7DA5
MAX: malware (ai score=88)
VBA32: TrojanDropper.Dropback
Panda: Trj/CI.A
TrendMicro-HouseCall: Mal_HPGen-37b
Yandex: Trojan.Kryptik!UQ+eiHIYaUY
Ikarus: Trojan-Spy.Remcos
Fortinet: W32/Dropback.HCDN!tr.ransom
AVG: Win32:Trojan-gen
Paloalto: generic.ml

How to remove Graftor.721460?

Graftor.721460 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
