Malware

About “Graftor.972969” infection

Malware Removal

Graftor.972969 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to perform a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Graftor.972969 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Graftor.972969?

File Info:

name: 5CFBECEA70D8C2AAB426.mlw
path: /opt/CAPEv2/storage/binaries/4308ec785212211f4cf9b1afe3a9b3e990f41a9eb79b663b8ba5999f9e9d9164
crc32: A725945C
md5: 5cfbecea70d8c2aab42646fb21d5458a
sha1: 131d660df7adffd90e3f3b219eb6d1abe23a47e5
sha256: 4308ec785212211f4cf9b1afe3a9b3e990f41a9eb79b663b8ba5999f9e9d9164
sha512: d2fc339388809f3833d1631516fb27cddc539c4655a5063a9a335e1caeabdf8035568221c5554ce6e8288bbdc1459468b0f65c382913f374b6c118f76adf8054
ssdeep: 3072:9sCV7nE+qR31pVozXtTNUPu+ySPf4I84ASXN41OAg0FubBe/hTgE1BWmqh40MLd6:9zbWozXtTeWGIN4TAOaVjHAaLO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B2445C1076E29831F1B36C364DFCAA9A853DF92107165AEF63D8061E5EB45C1BA30B37
sha3_384: d0853fe16111de456f2711044e4d06c15d6583d9c37cf10a42ab4bc4036778d398703c0090413c7415772aec3bd62f6f
ep_bytes: e89e060000e98efeffffff2548c14100
timestamp: 2018-02-02 11:47:49

Version Info:

FileDescription: OEXHAJILZ
OriginalFilename: yotaix.exe
InternalName: yotaix
CompanyName: IPAOQC EEXGAUQWYO
Translation: 0x0409 0x04b0

Graftor.972969 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Adware.Win32.Generic.2!c
Elastic: malicious (high confidence)
DrWeb: Trojan.StartPage1.49548
MicroWorld-eScan: Gen:Variant.Graftor.972969
FireEye: Generic.mg.5cfbecea70d8c2aa
McAfee: PUP-XER-IL
Cylance: Unsafe
Zillya: Adware.Hpdefender.Win32.6
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_60% (D)
Alibaba: AdWare:Win32/HPDefender.1fbc8bc6
K7GW: Adware ( 00525cb11 )
K7AntiVirus: Adware ( 00525cb11 )
Arcabit: Trojan.Graftor.DED8A9
BitDefenderTheta: Gen:NN.ZexaF.34084.qC0@aOCaBDgi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Adware.HPDefender.DBG
Paloalto: generic.ml
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender: Gen:Variant.Graftor.972969
NANO-Antivirus: Riskware.Win32.Hpdefender.expkfe
Avast: Win32:Adware-gen [Adw]
Tencent: Win32.Adware.Generic.Tazj
Ad-Aware: Gen:Variant.Graftor.972969
Sophos: Generic PUA BD (PUA)
Comodo: ApplicUnwnt@#susil5q49qwk
VIPRE: Adware.Win32.Hpdefender
McAfee-GW-Edition: PUP-XER-IL
Emsisoft: Gen:Variant.Graftor.972969 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: AdWare.Hpdefender.atx
Webroot: W32.Adware.Gen
Avira: HEUR/AGEN.1103386
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.BTSGeneric
Kingsoft: Win32.Troj.Generic.ta.(kcloud)
Gridinsoft: Ransom.Win32.Occamy.sa
Microsoft: Trojan:Win32/Occamy.C43
ViRobot: Adware.Hpdefender.274432
GData: Gen:Variant.Graftor.972969
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Graftor.972969
VBA32: Adware.Hpdefender
Malwarebytes: Malware.AI.2658728153
APEX: Malicious
Rising: Trojan.Generic@ML.100 (RDML:LWlvjvm/FsQo5YZWP3jbNg)
Yandex: PUA.Hpdefender!P7TT6MtDbLU
Ikarus: PUA.HPDefender
Fortinet: Riskware/HPDefender
AVG: Win32:Adware-gen [Adw]
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Graftor.972969?

Graftor.972969 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.