Graftor.85303 (B) malicious file

Malware Removal

Graftor.85303 (B) is flagged as malicious by a large number of antivirus vendors (see the detection list below). When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advisable to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It can run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Graftor.85303 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
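The items above are CAPE sandbox signature names; the behavioural ones (unpacking, process hollowing, inter-process injection) only fire when the sample is actually executed, so a static scan will not reproduce them. The following is an added example, not code from this page, CAPE or GridinSoft: a heuristic that flags the two injection behaviours in the list over Sysmon-shaped process events (ID 1 ProcessCreate, ID 10 ProcessAccess, ID 8 CreateRemoteThread). The events, PIDs and paths are constructed for the example, and the access-right thresholds are an assumption you should tune against your own baseline.

```python
# Win32 process access rights (winnt.h) that a hollowing loader needs on its target.
PROCESS_VM_OPERATION = 0x0008
PROCESS_VM_WRITE = 0x0020
PROCESS_SUSPEND_RESUME = 0x0800
HOLLOW_MASK = PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_SUSPEND_RESUME

# Constructed, Sysmon-shaped events (ID 1 ProcessCreate, ID 10 ProcessAccess, ID 8 CreateRemoteThread).
# Not real telemetry; the PIDs and paths are made up for this example.
EVENTS = [
    {"id": 1, "t": 100.0, "pid": 4242, "ppid": 1804, "image": r"C:\Users\u\AppData\Local\Temp\4493A78274DEC81F11E5.exe"},
    {"id": 1, "t": 100.3, "pid": 5120, "ppid": 4242, "image": r"C:\Windows\System32\svchost.exe"},
    {"id": 10, "t": 100.4, "src": 4242, "dst": 5120, "access": 0x1FFFFF},   # PROCESS_ALL_ACCESS on a fresh child
    {"id": 8, "t": 101.0, "src": 4242, "dst": 3300, "start": 0x7FFD1000},   # thread into a process it did not create
    {"id": 1, "t": 200.0, "pid": 6000, "ppid": 1804, "image": r"C:\Windows\System32\cmd.exe"},
    {"id": 1, "t": 200.2, "pid": 6100, "ppid": 6000, "image": r"C:\Windows\System32\notepad.exe"},
    {"id": 10, "t": 200.3, "src": 6000, "dst": 6100, "access": 0x1000},     # QUERY_LIMITED_INFORMATION only: benign
    {"id": 10, "t": 300.0, "src": 6000, "dst": 6100, "access": 0x1FFFFF},   # full access, but long after creation
]


def detect_injection(events, window=5.0):
    """Return alerts for two patterns from the behaviour list above.

    process_hollowing: within `window` seconds of creating a child whose image differs from
    its own, the parent opens it with VM_WRITE | VM_OPERATION | SUSPEND_RESUME (the rights
    needed to unmap the child, write a new image into it and resume it).
    remote_thread: a CreateRemoteThread into a process the source did not create.
    Heuristics only; tune `window` and the image-mismatch rule against your own baseline.
    """
    created = {}   # pid -> (create time, ppid, image)
    alerts = []
    for ev in sorted(events, key=lambda e: e["t"]):
        if ev["id"] == 1:
            created[ev["pid"]] = (ev["t"], ev["ppid"], ev["image"])
        elif ev["id"] == 10:
            child = created.get(ev["dst"])
            src_image = created.get(ev["src"], (None, None, None))[2]
            if (child and child[1] == ev["src"]
                    and ev["t"] - child[0] <= window
                    and (ev["access"] & HOLLOW_MASK) == HOLLOW_MASK
                    and src_image != child[2]):
                alerts.append({"rule": "process_hollowing", "src": ev["src"],
                               "dst": ev["dst"], "target_image": child[2]})
        elif ev["id"] == 8 and ev["src"] != ev["dst"]:
            dst = created.get(ev["dst"])
            if dst is None or dst[1] != ev["src"]:
                alerts.append({"rule": "remote_thread", "src": ev["src"], "dst": ev["dst"]})
    return alerts


if __name__ == "__main__":
    for alert in detect_injection(EVENTS):
        print(alert)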

How to identify Graftor.85303 (B)?

File Info:

name: 4493A78274DEC81F11E5.mlw
path: /opt/CAPEv2/storage/binaries/ef3c928721c057f2fff34e723bf6e5ec5cdfa2eabca05c10c6a72ca63f122e29
crc32: C7E1E71B
md5: 4493a78274dec81f11e53cbf5d8ebe1a
sha1: 0ab4d0c1e18f87dd3bd874f2aea859f4e1b25f8f
sha256: ef3c928721c057f2fff34e723bf6e5ec5cdfa2eabca05c10c6a72ca63f122e29
sha512: 4e6a9c3bade4554e6d0609e8cf089dc0ae571dace1c850fbb7487d0245edab3ec350ceebecc03e5e3cda562cb8993a61a9866aa37240238567c284c8f486d809
ssdeep: 6144:PxjHaXSr6bPLealgybqprRpabmOg9ISwAuZMiiLq:VHKSr6bDnlr67ONaO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF34025571E1D435C027A57056A9C1B18BA3B962AFB9828F33E4175AAFF06D00F3D3B2
sha3_384: 047a2392d64c21f2276e713ef9fa7062e04278b21f0a990f798ea8636993f121446dec54b62f3dac36fd3146dfd7272f
ep_bytes: e80a190000e989feffff8bff558bec81
timestamp: 2013-04-27 21:02:15
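The hashes above are the reliable way to confirm you are looking at the same file; the entry-point bytes and link timestamp are weaker, because every binary produced by the same compiler or packer shares them. The block below is an added example, not code from this page or from CAPE: it computes the digests the page lists (ssdeep and tlsh need third-party libraries and are omitted), parses the PE header to reproduce the "type", "timestamp" and "ep_bytes" lines, measures any overlay (data after the last section, the "Sample contains Overlay data" item in the behaviour list), and compares the result with the page's indicators. The `build_sample()` PE is constructed for offline testing and is not the real sample, so only the weak indicators match it.

```python
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info block on this page.
IOCS = {
    "md5": "4493a78274dec81f11e53cbf5d8ebe1a",
    "sha1": "0ab4d0c1e18f87dd3bd874f2aea859f4e1b25f8f",
    "sha256": "ef3c928721c057f2fff34e723bf6e5ec5cdfa2eabca05c10c6a72ca63f122e29",
    "crc32": "C7E1E71B",
    "ep_bytes": "e80a190000e989feffff8bff558bec81",
    "timestamp": "2013-04-27 21:02:15",
}


def hash_file(data: bytes) -> dict:
    """Digests in the formats the page lists (ssdeep and tlsh need third-party libraries and are left out)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def parse_pe(data: bytes) -> dict:
    """Header fields behind the page's 'type', 'timestamp' and 'ep_bytes' lines, plus overlay size."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                 # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsect, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24                                                # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]      # AddressOfEntryPoint
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    ep_off, data_end = None, 0
    for i in range(nsect):                                       # map entry RVA -> file offset via the section table
        _, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        data_end = max(data_end, rawptr + rawsize)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            ep_off = entry_rva - vaddr + rawptr
    if ep_off is None:
        raise ValueError("entry point outside any section")
    arch = {0x14C: "Intel 80386", 0x8664: "x86-64"}.get(machine, hex(machine))
    kind = {0x10B: "PE32", 0x20B: "PE32+"}.get(magic, hex(magic))
    sub = {2: "GUI", 3: "console"}.get(subsystem, str(subsystem))
    return {
        "type": f"{kind} executable ({sub}) {arch}, for MS Windows",
        "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_rva": entry_rva,
        "ep_bytes": data[ep_off:ep_off + 16].hex(),
        "overlay_size": max(0, len(data) - data_end),            # bytes appended after the last section
    }


def match_indicators(data: bytes, iocs: dict = IOCS) -> dict:
    """Content hashes are strong evidence; ep_bytes and link timestamp are shared by
    every binary from the same toolchain/packer and are only weak hints."""
    h, p = hash_file(data), parse_pe(data)
    strong = [k for k in ("md5", "sha1", "sha256", "crc32") if k in iocs and h[k].lower() == iocs[k].lower()]
    weak = [k for k in ("ep_bytes", "timestamp") if k in iocs and p[k] == iocs[k]]
    return {"strong": strong, "weak": weak}


def build_sample() -> bytes:
    """Constructed minimal PE32 for offline testing (not the real sample): one .text section,
    GUI subsystem, the page's link timestamp and entry bytes, plus a 100-byte overlay."""
    ep = bytes.fromhex(IOCS["ep_bytes"])
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                           # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0x517C3CD7, 0, 0, 224, 0x0102)      # 0x517C3CD7 = 2013-04-27 21:02:15 UTC
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0x200, 0, 0, 0x1010)               # Magic .. AddressOfEntryPoint
    opt += b"\0" * (68 - len(opt)) + struct.pack("<H", 2)                         # Subsystem = IMAGE_SUBSYSTEM_WINDOWS_GUI
    opt += b"\0" * (224 - len(opt))
    sect = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    hdr = (dos + b"PE\0\0" + coff + opt + sect).ljust(0x200, b"\0")
    text = (b"\x90" * 0x10 + ep).ljust(0x200, b"\0")                              # entry RVA 0x1010 -> file offset 0x210
    return hdr + text + b"OVERLAY".ljust(100, b"\0")


if __name__ == "__main__":
    sample = build_sample()
    print(parse_pe(sample))
    print(match_indicators(sample))
```

To check a real suspect file, read it in binary mode and pass the bytes to `match_indicators()`; treat a hit in `strong` as confirmation and a hit only in `weak` as a reason to look closer, not as a verdict.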

Version Info:

0: [No Data]

Graftor.85303 (B) is also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Wsgame.33735
MicroWorld-eScan: Gen:Variant.Graftor.85303
FireEye: Generic.mg.4493a78274dec81f
McAfee: PWS-Zbot-FAZJ!4493A78274DE
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.124131
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanSpy:Win32/Wonton.2897acc9
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.34606.pqX@aWSNqgdi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.AAO
APEX: Malicious
TrendMicro-HouseCall: TROJ_SPNR.35ET14
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Graftor.85303
NANO-Antivirus: Trojan.Win32.Wsgame.crajuz
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Generic.Pcsp
Ad-Aware: Gen:Variant.Graftor.85303
Emsisoft: Gen:Variant.Graftor.85303 (B)
Comodo: Malware@#24frbviw86hbs
VIPRE: Gen:Variant.Graftor.85303
TrendMicro: TROJ_SPNR.35ET14
McAfee-GW-Edition: PWS-Zbot-FAZJ!4493A78274DE
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-R + Troj/Wonton-AY
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Graftor.85303
Webroot: W32.Rogue.Gen
Google: Detected
Avira: HEUR/AGEN.1213610
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASMalwS.24D
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: PWS:Win32/Zbot
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.C166941
Acronis: suspicious
VBA32: SScope.Malware-Cryptor.Ponik
ALYac: Gen:Variant.Graftor.85303
Rising: Malware.Undefined!8.C (TFE:5:W3wOTFUygJB)
Yandex: Trojan.GenAsa!JrkMgN8qRV0
Ikarus: Trojan.Crypt
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Graftor.85303 (B)?

Graftor.85303 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.