
Should I remove “Graftor.750360”?

Graftor.750360 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.750360 virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Attempts to connect to a dead IP:Port (8 unique times)
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Sniffs keystrokes
  • Collects information about installed applications
  • Checks the version of Bios, possibly for anti-virtualization
  • Attempts to modify proxy settings

Related domains:


How to identify Graftor.750360?


File Info:

crc32: 0960F82C
md5: 358d1c22327b20542a0aaa8e67aba1a8
name: E4B88BE8BDBDE599A8.exe
sha1: f4d32e4830aea6afcb68368262c45a9f62d88854
sha256: fcca776222a20fc25b6a37906c593445d2a7c90be781519dfbf0abe39f742b9a
sha512: cd11a06a3cbe693c5a826f24f0ab2f7aeb3abf9432e1313262a96fb2c618acf94b459c5852f99c7f45e297610d1e4e2708bfcfc1be9ae45e5eb65074fe59cd56
ssdeep: 24576:0QNtxSKejUV+mPlIHlC2miEO8MJlFVqxISuuSx6sFF+d:TtxijUVpdlussF0d
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2020
InternalName: x667ax80fdx4e0bx8f7dx5668.exe
FileVersion: 5.0.0.0519
ProductName: x667ax80fdx4e0bx8f7dx5668.exe
FileDescription: _
OriginalFilename: x667ax80fdx4e0bx8f7dx5668.exe
Translation: 0x0804 0x04b0

Graftor.750360 also known as:

MicroWorld-eScan Gen:Variant.Graftor.750360
McAfee Artemis!358D1C22327B
VIPRE Trojan.Win32.Generic!BT
Sangfor Malware
K7AntiVirus Adware ( 00510c5c1 )
BitDefender Gen:Variant.Graftor.750360
K7GW Adware ( 00510c5c1 )
Symantec ML.Attribute.HighConfidence
Avast Win32:Adware-gen [Adw]
GData Gen:Variant.Graftor.750360
Kaspersky not-a-virus:Downloader.Win32.Agent.mixb
Alibaba Downloader:Win32/Qjwmonkey.86069d3b
Rising Adware.Downloader!1.BDCA (CLOUD)
Ad-Aware Gen:Variant.Graftor.750360
Emsisoft Gen:Variant.Graftor.750360 (B)
F-Secure Adware.ADWARE/Qjwmonkey.tovmu
DrWeb Adware.Qjwmonkey.168
TrendMicro Adware.Win32.Qiwmonk.USXVPES20
McAfee-GW-Edition Artemis!PUP
FireEye Generic.mg.358d1c22327b2054
Sophos Generic PUA PE (PUA)
Cyren W32/Trojan.KZIL-6796
Webroot W32.Adware.Gen
Avira ADWARE/Qjwmonkey.tovmu
MAX malware (ai score=87)
Antiy-AVL RiskWare[Downloader]/Win32.Agent
Endgame malicious (high confidence)
Arcabit Trojan.Graftor.DB7318
ZoneAlarm not-a-virus:Downloader.Win32.Agent.mixb
Microsoft PUA:Win32/Qjwmonkey
ALYac Gen:Variant.Graftor.750360
VBA32 BScope.TrojanDropper.Dapato
Malwarebytes Adware.ChinAd
Panda Trj/CI.A
ESET-NOD32 a variant of Win32/Adware.Qjwmonkey.H
TrendMicro-HouseCall Adware.Win32.Qiwmonk.USXVPES20
eGambit Trojan.Generic
Fortinet Riskware/Agent
AVG FileRepMetagen [Adw]
MaxSecure Trojan.Malware.121218.susgen

How to remove Graftor.750360?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
