Fragtor.110395 (file analysis)

Fragtor.110395 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.110395 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Dynamic (imported) function loading detected
  • Network anomalies occurred during the analysis
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.110395?


File Info:

name: 3F1254ACC081806EAA86.mlw
path: /opt/CAPEv2/storage/binaries/6c92ea8e63da7654332a87e5cc1d3d5eb3931ba3bc779017a8c87313773af6bb
crc32: 0E172FE5
md5: 3f1254acc081806eaa8688f360b51b22
sha1: fcd2d19be837f7ef678770bebc4f9ab06501f0de
sha256: 6c92ea8e63da7654332a87e5cc1d3d5eb3931ba3bc779017a8c87313773af6bb
sha512: ce684bfb6edb6db073cd90f5c9c34db729e6ce4f9adc89303de60f0d21fc9b96a15965e24e76de00e754f0dfa5f8391c9bf275f1d0eb6b0c84c981de192c99c4
ssdeep: 384:gWUR2SDUx9ewk09RXjXz7XjCWwqK8Wzz8WW5bIwHz1HkU0kNDsZHg0EWEdpMRFjK:/UR2tbewD9xjXvKBBW5bz7NwZTmzMPK
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E8C26C87B5924CB1E69446724A325D785FFB79201E6197028B30EAD91FB34D0ED1B8CC
sha3_384: 80518a722917c8b784d45a36db861532d180965df0971fd9e12542517abd4aa12363a92ccc560182842465e012e621c3
ep_bytes: e8b1020000e974feffff558becff7508
timestamp: 2020-12-13 23:46:04

Version Info:

0: [No Data]

Fragtor.110395 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.110395
FireEye: Generic.mg.3f1254acc081806e
ALYac: Gen:Variant.Fragtor.110395
Malwarebytes: Malware.AI.2397151589
VIPRE: Gen:Variant.Fragtor.110395
K7AntiVirus: Password-Stealer ( 005937271 )
BitDefender: Gen:Variant.Fragtor.110395
K7GW: Password-Stealer ( 005937271 )
Cybereason: malicious.cc0818
Cyren: W32/Agent.ENB.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/PSW.Agent.OOO
ClamAV: Win.Malware.Fugrafa-9950512-0
Kaspersky: HEUR:Trojan.Win32.SelfDel.vho
NANO-Antivirus: Trojan.Win32.SelfDel.jpepdv
Rising: Stealer.Agent!1.DE3E (CLASSIC)
Ad-Aware: Gen:Variant.Fragtor.110395
TACHYON: Trojan/W32.Fugrafa.26112
Emsisoft: Gen:Variant.Fragtor.110395 (B)
DrWeb: Trojan.MulDrop20.10627
Zillya: Trojan.SelfDel.Win32.65008
McAfee-GW-Edition: BehavesLike.Win32.Generic.mh
Sophos: Troj/PWS-CMJ
APEX: Malicious
Jiangmin: Trojan.Selfdel.rft
Avira: HEUR/AGEN.1234650
Antiy-AVL: Trojan/Generic.ASBOL.C6F8
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Fragtor.110395
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Reputation.R496203
Acronis: suspicious
McAfee: GenericRXNV-VM!3F1254ACC081
MAX: malware (ai score=88)
VBA32: BScope.Trojan.Occamy
Cylance: Unsafe
Panda: Trj/Genetic.gen
Tencent: Trojan.Win32.Selfdel.xb
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/SelfDef.26C0!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Fragtor.110395?

Fragtor.110395 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
