Categories: Malware

About “Application.Fragtor.9” infection

The Application.Fragtor.9 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Application.Fragtor.9 virus can do?

Behavioural detection: Executable code extraction – unpacking
Uses Windows utilities for basic functionality
Reads data out of its own binary image
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Behavioural detection: Injection (inter-process)
Behavioural detection: Injection with CreateRemoteThread in a remote process
Detects Bochs through the presence of a registry key
Touches a file containing cookies, possibly for information gathering

How to determine Application.Fragtor.9?


File Info:
name: 7A434BB31696DF1BCA1F.mlwpath: /opt/CAPEv2/storage/binaries/db65046c64ba962c42db2b16d38f7fb876f14d798da920930dd4e43b768b5ce2crc32: EE2E18BCmd5: 7a434bb31696df1bca1f4a50d8b1934asha1: dbaa75b22ca2fab44b12f6f2a10f0d6bad1cfef5sha256: db65046c64ba962c42db2b16d38f7fb876f14d798da920930dd4e43b768b5ce2sha512: 27f688d69a4d4199f881471c857398a2d9e8cb2d2856afcbc252a1dfd2e58640afc866fd877149ad292e562a452e468940fb213afc21a672e3be5b1dab52a0c9ssdeep: 3072:M65Z853kr7XA8/YjHhlLtnPkQTNRihfVRMKmXnhb/zQpUN5d3FykktujhYNxUyTZ:x5C5UrL3SB8aHAMKc4BRtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T165447E239650E90DE69144B319E1E7BA352C3D2640464E0FB18CFE4B7B72D93B4AE727sha3_384: 702c6a7708a275314d67f95424e3f8a63344ad6becd0c66ad78c8a18201dc90458aad3bb2ff1952dbd870b94fbbdadfbep_bytes: 68ec0e4100e8f0ffffff000048000000timestamp: 2011-09-07 12:56:05
Version Info:
Translation: 0x0409 0x04b0Comments: =B3ELIVE=CompanyName: http://reza-belive.blogspot.com/ProductName: SIMPLE AUTO INJECKTORFileVersion: 1.00ProductVersion: 1.00InternalName: rezaOriginalFilename: reza.exe

Application.Fragtor.9 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 99)
FireEye	Generic.mg.7a434bb31696df1b
Skyhigh	Generic BackDoor.wb
ALYac	Gen:Variant.Application.Fragtor.9
Malwarebytes	MachineLearning/Anomalous.95%
Zillya	Trojan.VBiframe.Win32.1281
Sangfor	Suspicious.Win32.Save.vb
CrowdStrike	win/malicious_confidence_60% (W)
Symantec	Trojan.Gen
ESET-NOD32	a variant of Win32/GameHack.AR potentially unsafe
APEX	Malicious
McAfee	Generic BackDoor.wb
ClamAV	Win.Trojan.Elzob-7575986-0
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Application.Fragtor.9
NANO-Antivirus	Trojan.Win32.GameHack.ftcixa
ViRobot	Trojan.Win32.A.Clicker.266240.K
MicroWorld-eScan	Gen:Variant.Application.Fragtor.9
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.Application.Fragtor.9 (B)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.Click2.9457
VIPRE	Gen:Variant.Application.Fragtor.9
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.IRC.Backdoor.SdBot4
Google	Detected
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan[Banker]/Win32.VB
Kingsoft	Win32.Troj.Unknown.a
Microsoft	Trojan:Win32/Sisproc!gmb
Xcitium	Malware@#s0xcpu15ydur
Arcabit	Trojan.Application.Fragtor.9
SUPERAntiSpyware	Trojan.Agent/Gen-Falprod[Cont]
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Variant.Application.Fragtor.9
Varist	W32/VBInject.CI.gen!Eldorado
AhnLab-V3	Worm/Win32.AutoRun.C67905
BitDefenderTheta	AI:Packer.2641986C1C
MAX	malware (ai score=100)
Cylance	unsafe
Panda	Generic Malware
Rising	Dropper.Generic!8.35E (CLOUD)
Yandex	HackTool.Inject!3K3lGEUQwXk
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/Injector.O
AVG	Win32:TrojanX-gen [Trj]
Cybereason	malicious.31696d
DeepInstinct	MALICIOUS
alibabacloud	Riskware:Win/GameHack.AR