Graftor.955685 removal guide

Graftor.955685 is flagged as malicious by most antivirus engines (the detection names are listed below). ESET's name for it, Win32/PSW.Discord.L, marks it as a PSW (password-stealing) trojan aimed at Discord credentials, which matches the browser-credential theft seen in the sandbox. While the infection is active you may notice unfamiliar processes in Task Manager. If you do, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system if the wrong files are deleted. We recommend GridinSoft Anti-Malware for removal; the trial lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can the Graftor.955685 virus do?

The following are the CAPE sandbox signatures that fired on the sample. The first four are heuristics that also occur in benign software (many legitimate programs register an exception filter, resolve imports at runtime, or ship unsigned); it is the combination with the last item that makes the file clearly malicious.

  • SetUnhandledExceptionFilter detected (possible anti-debug): registering a top-level exception handler is a common way to detect or derail an attached debugger.
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected: API functions are resolved at runtime (LoadLibrary/GetProcAddress) rather than through the import table, which hides them from static analysis.
  • Starts servers listening on 127.0.0.1:0 (a loopback listener on an ephemeral port)
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers (saved credentials and similar data)

How to identify Graftor.955685?

File Info:

name: 84AD4943240541FE6AAE.mlw
path: /opt/CAPEv2/storage/binaries/d16d4cbc6faf0146eb7c909aacf435293a852115caa8ee0ec40fd3bd8a4b9dd1
crc32: EDFFBD69
md5: 84ad4943240541fe6aaea1154ce5fb38
sha1: 8f3229c4b698215af4a382f6795e929bafc52e0e
sha256: d16d4cbc6faf0146eb7c909aacf435293a852115caa8ee0ec40fd3bd8a4b9dd1
sha512: 32064ed0018b8049b7c32b97871ca68eacef48b8f17d290c3ddfe3d3e819b998e7fbe63201e0f8deed1662bf57936d7e3e15ac07955585727499265901d2b452
ssdeep: 12288:Zqvj+Dpj7BGuO9xtHIBgDSppPhGTGK73Gm4JIB5zOGb7GlmzeNM:ZqvjIKjGm4JIB5zOGbS8zeNM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T14FA48DA6BE52A1F2E68101F451F67B3B0E3886195310A9D3E3D44DA899103F27F3F69D
sha3_384: d033c00e78a16042b694eebf2f928b6e9974e5d298ce6dedb9fb9e414bcff8fcd01fbd1789bece48de8e780efd2d2dc4
ep_bytes: e808090000e974feffffcccccccccccc
timestamp: 2022-02-04 17:46:51
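The hashes and header fields above are enough to confirm whether a file you have found is this sample. The script below is an added example written for this page (it is not Gridinsoft or CAPE code): it computes the md5/sha1/sha256 digests and compares them with the values listed in File Info, and it parses the PE headers by hand to recover the two fields CAPE reports as `timestamp` and `ep_bytes`. Because the real sample cannot be embedded here, `build_minimal_pe` is a constructed stand-in that produces a one-section PE32 with the page's compile timestamp and entry-point bytes; everything else is standard library.

```python
"""Triage helper: identify a suspicious PE by hash and by static header fields.

Added example for this page, not Gridinsoft or CAPE code. KNOWN_HASHES holds
the digests listed in the File Info section above; build_minimal_pe() is a
constructed stand-in so the script runs offline without the real sample.
"""
import hashlib
import struct
from datetime import datetime, timezone

# Digests of the sample as listed on this page.
KNOWN_HASHES = {
    "md5": "84ad4943240541fe6aaea1154ce5fb38",
    "sha1": "8f3229c4b698215af4a382f6795e929bafc52e0e",
    "sha256": "d16d4cbc6faf0146eb7c909aacf435293a852115caa8ee0ec40fd3bd8a4b9dd1",
}


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of a file's contents."""
    return {name: hashlib.new(name, data).hexdigest() for name in KNOWN_HASHES}


def matches_known_sample(data: bytes) -> bool:
    """True only if every listed digest matches; requiring all three guards
    against a typo in a single copied hash."""
    got = hash_bytes(data)
    return all(got[k] == v for k, v in KNOWN_HASHES.items())


def pe_summary(data: bytes, ep_len: int = 16) -> dict:
    """Parse the DOS, COFF and optional headers and return the fields CAPE
    reports as 'timestamp' and 'ep_bytes'. Raises ValueError on non-PE input."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image (missing MZ)")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)        # 0x10B = PE32, 0x20B = PE32+
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)  # AddressOfEntryPoint
    # Walk the section table to translate the entry-point RVA to a file offset.
    sect = opt + opt_size
    ep_off = None
    for i in range(nsections):
        _name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sect + 40 * i)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            ep_off = rawptr + (entry_rva - vaddr)
            break
    if ep_off is None:
        raise ValueError("entry point lies outside every section")
    return {
        "machine": "i386" if machine == 0x14C else hex(machine),
        "pe32plus": magic == 0x20B,
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_rva": entry_rva,
        "ep_bytes": data[ep_off:ep_off + ep_len].hex(),
    }


def build_minimal_pe(timestamp: int, ep_code: bytes) -> bytes:
    """Constructed test input: a one-section 32-bit PE whose .text holds
    ep_code at the entry point. Not loadable, just enough headers to parse."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0  # standard PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, opt_size, 0x0102)
    entry_rva = 0x1000
    opt = struct.pack("<H", 0x10B) + b"\0" * 14 + struct.pack("<I", entry_rva)
    opt += b"\0" * (opt_size - len(opt))
    raw_ptr = 0x200
    section = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, entry_rva, 0x200,
                          raw_ptr, 0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + opt + section
    headers += b"\0" * (raw_ptr - len(headers))
    body = ep_code + b"\xcc" * (0x200 - len(ep_code))
    return headers + body


if __name__ == "__main__":
    # 1643996811 is 2022-02-04 17:46:51 UTC, the compile timestamp listed above.
    fake = build_minimal_pe(1643996811, bytes.fromhex("e808090000e974feffffcccccccccccc"))
    print(pe_summary(fake))
    print("matches listed sample:", matches_known_sample(fake))
```

To triage a real file, read it into `data` and run `pe_summary(data)` and `matches_known_sample(data)`. Note that the listed entry bytes decode to `call rel32 +0x908` followed by `jmp rel32 -0x18c`, the ordinary MSVC runtime entry stub (security-cookie initialisation, then a jump to the CRT startup), so `ep_bytes` alone does not distinguish this sample from any other MSVC console build; the exact digests and the ssdeep/tlsh fuzzy hashes are the identifying values.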

Version Info:

0: [No Data]

Graftor.955685 also known as (vendor: detection name):

  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Graftor.955685
  • ALYac: Gen:Variant.Graftor.955685
  • BitDefender: Gen:Variant.Graftor.955685
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Win32/PSW.Discord.L
  • APEX: Malicious
  • F-Secure: Heuristic.HEUR/AGEN.1206811
  • FireEye: Generic.mg.84ad4943240541fe
  • Emsisoft: Gen:Variant.Graftor.955685 (B)
  • Avira: HEUR/AGEN.1206811
  • MAX: malware (ai score=80)
  • Microsoft: Trojan:Win32/Sabsik!ml
  • GData: Gen:Variant.Graftor.955685
  • Cynet: Malicious (score: 100)
  • VBA32: TScope.Malware-Cryptor.SB
  • Rising: Malware.Heuristic!ET#81% (RDMK:cmRtazpLAFgDYceKzj7/JT/gBrpv)
  • MaxSecure: Trojan.Malware.300983.susgen
  • AVG: FileRepMalware
  • Cybereason: malicious.324054
  • Avast: FileRepMalware

How to remove Graftor.955685?

Graftor.955685 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options you want, then click “Reset”.
  • Restart your computer.

Because this sample steals credentials stored by local browsers, removal alone is not enough: after the machine is clean, change the passwords that were saved in those browsers (and your Discord password in particular), preferably from a different, uninfected device.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
