Fragtor.107976 removal

Fragtor.107976 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.107976 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)

How to identify Fragtor.107976?


File Info:

name: 024377D74AC1C04057AD.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-07-19 19:25:44

Version Info:

CompanyName:
FileDescription: Resource viewer, decompiler & recompiler.
FileVersion: 3.5.2.84
InternalName: ResHack
LegalCopyright: (c) Angus Johnson 1999-2009
LegalTrademarks:
OriginalFilename: ResHack
ProductName:
ProductVersion: 3.0.0.0
Comments: Freeware, but see help file for conditions.
Aditional Notes: Not for distribution without the authors permission
Translation: 0x0c09 0x04e4

Fragtor.107976 also known as:

Lionic: Trojan.Win32.Refroso.lr4D
DrWeb: BackDoor.Bifrost.19762
MicroWorld-eScan: Gen:Variant.Fragtor.107976
FireEye: Generic.mg.024377d74ac1c040
McAfee: Artemis!024377D74AC1
Cylance: Unsafe
Zillya: Trojan.Refroso.Win32.21543
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce71 )
Alibaba: Worm:Win32/Bifrose.ca2f28a3
K7GW: Trojan ( 004bcce71 )
Cybereason: malicious.74ac1c
BitDefenderTheta: Gen:NN.ZevbaF.34592.dmLfa0UpIBbi
VirIT: Trojan.Win32.Generic.AIYL
Cyren: W32/Risk.SQEK-6848
Symantec: Trojan.Gen.2
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Injector.CNT
APEX: Malicious
ClamAV: Win.Trojan.Bifrose-10574
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Gen:Variant.Fragtor.107976
NANO-Antivirus: Trojan.Win32.WBNA.ecekwx
Avast: Win32:Trojan-gen
Tencent: Win32.Worm.Wbna.Chf
Ad-Aware: Gen:Variant.Fragtor.107976
Emsisoft: Gen:Variant.Fragtor.107976 (B)
Comodo: Malware@#1jbmq622fgnsy
VIPRE: Gen:Variant.Fragtor.107976
TrendMicro: TROJ_VBINJ.SMII
McAfee-GW-Edition: BehavesLike.Win32.Generic.qc
Sophos: ML/PE-A + Mal/Meredrop-A
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Fragtor.107976
Jiangmin: Worm.WBNA.ihcy
Google: Detected
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASBOL.5
Arcabit: Trojan.Fragtor.D1A5C8
ZoneAlarm: Worm.Win32.WBNA.ipa
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Refroso.R14013
Acronis: suspicious
VBA32: Malware-Cryptor.VB.gen.1
ALYac: Gen:Variant.Fragtor.107976
Malwarebytes: Malware.Heuristic.1003
TrendMicro-HouseCall: TROJ_VBINJ.SMII
Rising: Worm.WBNA!8.321 (CLOUD)
Yandex: Trojan.Refroso!PJ9R7i0S8jI
Ikarus: Trojan.Win32.Refroso
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBNA.B!worm
AVG: Win32:Trojan-gen
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Fragtor.107976?

Fragtor.107976 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
