Graftor.951317 removal guide

Graftor.951317 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.951317 virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Graftor.951317?


File Info:

name: FEC5643D2DD3B9BD9B3F.mlw
path: /opt/CAPEv2/storage/binaries/f1715c47ff2a7ff246027bcc84f3c78cbcb0ce3e61a5d8b732970c0572913554
crc32: 214CA974
md5: fec5643d2dd3b9bd9b3fb6fce07c5082
sha1: bd7fab6403be1a115864ed6dd75f1682eb14da1d
sha256: f1715c47ff2a7ff246027bcc84f3c78cbcb0ce3e61a5d8b732970c0572913554
sha512: 552589e06eb4fac41a4b02461533534960c0c93eb3577c8f47d5e079b5df4ccce05fb69347e2aaad070ef522202cd8c29f8954f83f3225beacb26b839bc4a31c
ssdeep: 6144:A20fZTZiOYbo+h9g1V5dY4orn+GruC6V7w5ajM9ACjLifMwHeOQoCRyX7OhR1a:BizUbX0G4ornwFIsfMwHHQtRyXKhDa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T152742368F4B1A217D1E208FC045119F93E6AEC1291556D82A3D1FF45FE39A4ADF23A2C
sha3_384: ed71f1a7596da23a296ff5f39156914ad53c1a7964a1811f8b24dd6ed15121f8ec1fdc23250db9464cf51f7f2d400a02
ep_bytes: 60fe007048008dbe008077ff57eb0b90
timestamp: 2016-04-18 11:21:13

Version Info:

FileVersion: 1.4.0.0
Comments: http://www.autoitscript.com/autoit3/
FileDescription: IDM Patch-Activator Download
ProductVersion: 3.3.14.2
LegalCopyright: ptk911@2016
CompanyName: ptk911@2016
Translation: 0x0809 0x04b0

Graftor.951317 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Graftor.951317
ALYac: Gen:Variant.Graftor.951317
Cylance: Unsafe
Cybereason: malicious.403be1
APEX: Malicious
BitDefender: Gen:Variant.Graftor.951317
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Graftor.951317
Comodo: Packed.Win32.MUPX.Gen@24tbus
VIPRE: Trojan.Win32.AutoIt.ypa (v)
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.fc
FireEye: Generic.mg.fec5643d2dd3b9bd
Emsisoft: Gen:Variant.Graftor.951317 (B)
GData: Gen:Variant.Graftor.951317
Antiy-AVL: Trojan/Generic.ASCommon.168
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!FEC5643D2DD3
MAX: malware (ai score=80)
Ikarus: Trojan.AutoIt.Nymeria
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34084.wm0@aytHw!bi
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_70% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Graftor.951317?

Graftor.951317 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
