Fragtor.119508 removal

Fragtor.119508 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.119508 virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.119508?

File Info:

name: BB315C47672F4F8C7E65.mlw
path: /opt/CAPEv2/storage/binaries/467d8644d5de35131061da0f71c7fc038a1403f0c459d8bb3139b7c0196b1f98
crc32: 0B99D982
md5: bb315c47672f4f8c7e65b1c58cf92666
sha1: 190abbef766faef32db634c1ae0e9e6ee30d9d48
sha256: 467d8644d5de35131061da0f71c7fc038a1403f0c459d8bb3139b7c0196b1f98
sha512: cdfd8ded79cd3116b05851f478db7059d026d445f57c699f84e30e256add2953727ae8dce76f369ff2193a98aecc5264e8fd102547a1a7a6cdfd1ed9793dbfd2
ssdeep: 384:/WY+0eTUx9DF09RXjXz7XjCWwqK8Wzz8WW5bIwH3a5sYRGfZdIhrOCq+Wn1:+Y+54bO9xjXvKBBW5bKZC2rU+W1
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T126C27E87B5C148F3FABC0D7C59B266B802FF7D302D769982EB60D5132955460EB2A1CD
sha3_384: 5e9ab9993ad0dca83dd43fde5fd42c1def3fbc240c2f53c865a82dfeb4b48ae84b1ce5bb178a02a9c07dabaf781b9751
ep_bytes: e8b1020000e974feffff558becff7508
timestamp: 2020-12-13 23:46:04

Version Info:

0: [No Data]

Fragtor.119508 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Fragtor.119508
ClamAV: Win.Malware.Fugrafa-9950512-0
FireEye: Generic.mg.bb315c47672f4f8c
CAT-QuickHeal: Trojan.Stealer.S28360516
McAfee: GenericRXNV-VM!BB315C47672F
Cylance: Unsafe
Zillya: Trojan.SelfDel.Win32.65008
K7AntiVirus: Password-Stealer ( 005937271 )
K7GW: Password-Stealer ( 005937271 )
Cybereason: malicious.7672f4
Cyren: W32/Agent.ENB.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/PSW.Agent.OOO
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.SelfDel.pef
BitDefender: Gen:Variant.Fragtor.119508
NANO-Antivirus: Trojan.Win32.SelfDel.jpepdv
Avast: Win32:Malware-gen
Tencent: Trojan.Win32.Selfdel.xb
Ad-Aware: Gen:Variant.Fragtor.119508
TACHYON: Trojan/W32.Fugrafa.26112
Sophos: Troj/PWS-CMJ
DrWeb: Trojan.MulDrop20.10627
VIPRE: Gen:Variant.Fragtor.119508
McAfee-GW-Edition: GenericRXNV-VM!BB315C47672F
Emsisoft: Gen:Variant.Fragtor.119508 (B)
GData: Gen:Variant.Fragtor.119508
Jiangmin: Trojan.Selfdel.rft
Avira: HEUR/AGEN.1234650
Antiy-AVL: Trojan/Generic.ASBOL.C6F8
ZoneAlarm: HEUR:Trojan.Win32.SelfDel.pef
Microsoft: Trojan:Win32/Fragtor.EL!MTB
Google: Detected
AhnLab-V3: Malware/Win.Reputation.R496203
Acronis: suspicious
ALYac: Gen:Variant.Fragtor.119508
MAX: malware (ai score=82)
VBA32: BScope.Trojan.Occamy
Malwarebytes: Malware.AI.2397151589
Rising: Stealer.Agent!1.DE3E (CLASSIC)
Ikarus: Trojan.DelFiles
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/SelfDef.26C0!tr
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Fragtor.119508?

Fragtor.119508 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
