What is “Fragtor.110787”?

Fragtor.110787 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.110787 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.110787?

File Info:

name: F3001E9A4A9093D0E6F3.mlw
path: /opt/CAPEv2/storage/binaries/77c97cfa9c8e782720b2a1e3ad71d853da64c40ce0848e0e371357e7e2212c98
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: 60e803000000e9eb045d4555c3e80100
timestamp: 2022-06-13 14:27:23

Version Info:

FileVersion: 1.0.0.0
FileDescription: 进程启动器
ProductName: 进程启动器
ProductVersion: 1.0.0.0
CompanyName: 进程启动器
LegalCopyright: 进程启动器 版权所有
Comments: 进程启动器
Translation: 0x0804 0x04b0

Fragtor.110787 also known as:

tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Fragtor.110787
FireEye: Generic.mg.f3001e9a4a9093d0
ALYac: Gen:Variant.Fragtor.110787
Cylance: Unsafe
Zillya: Downloader.Upatre.Win32.70717
Sangfor: Suspicious.Win32.Save.ins
K7GW: Adware ( 005848221 )
K7AntiVirus: Adware ( 005848221 )
BitDefenderTheta: Gen:NN.ZexaF.34646.zB1baC81RTob
Cyren: W32/Jaik.R.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
ClamAV: Win.Malware.Generic-9820446-0
Kaspersky: HEUR:Trojan-Downloader.Win32.Upatre.pef
BitDefender: Gen:Variant.Fragtor.110787
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan-Dropper.Win32.Convagent.zf
Ad-Aware: Gen:Variant.Fragtor.110787
Sophos: Generic ML PUA (PUA)
VIPRE: Gen:Variant.Fragtor.110787
McAfee-GW-Edition: BehavesLike.Win32.Dropper.wc
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Fragtor.110787 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Fragtor.110787
Jiangmin: TrojanDownloader.Upatre.anvi
Google: Detected
Avira: HEUR/AGEN.1231424
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.3CF7
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R473942
Acronis: suspicious
VBA32: BScope.Trojan.Downloader
Malwarebytes: Trojan.Injector
Rising: Dropper.Convagent!8.123ED (TFE:5:KWeOOslXzgC)
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.d08d33

How to remove Fragtor.110787?

Fragtor.110787 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
