Categories: Malware

Fragtor.133690 (file analysis)

The Fragtor.133690 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Fragtor.133690 virus can do?

Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
Reads data out of its own binary image
Drops a binary and executes it
Authenticode signature is invalid
A ping command was executed with the -n argument possibly to delay analysis
Uses Windows utilities for basic functionality
Deletes executed files from disk
Uses suspicious command line tools or Windows utilities

How to determine Fragtor.133690?


File Info:
name: 02E9DE582F0673145487.mlwpath: /opt/CAPEv2/storage/binaries/ef699f40c331582826394d3eaa6b6fcc98a084a380564e4d67174f43cff0469bcrc32: 1815C63Bmd5: 02e9de582f0673145487dc6eb40f755csha1: a569a2b12b274af1c9631dd6581e89f879ddfaf3sha256: ef699f40c331582826394d3eaa6b6fcc98a084a380564e4d67174f43cff0469bsha512: 1c411a148b5864d8f36a3cfcdce92526d17518377fedfc8bed421ac30507cca19a6385aa5249aafbc0599c0cc933478cffdc916bac3add103d3a3f97c105ddc1ssdeep: 384:nW4Q+HQnTbUx9QoZ09RXjXz7XjCWwqK8Wzz8WW5bIwHIeOedYLisyUEU+feToY7A:WxOQ8bQL9xjXvKBBW5bnCidU4YB7Potype: PE32 executable (console) Intel 80386, for MS Windowstlsh: T10BC28DC771D5489EFED40DB51172F4F986BE78343A229942B720FF521BB4090EA25DCAsha3_384: 4d26f796bd52189d8eceed44c15bbfe6147e093d027588a9c5b5369b3ea8231c50804131d16d7ec43f5763ef8e563740ep_bytes: e8b1020000e974feffff558becff7508timestamp: 2020-12-13 23:46:04
Version Info:
0: [No Data]

Fragtor.133690 also known as:

DrWeb	Trojan.MulDrop20.10627
MicroWorld-eScan	Gen:Variant.Fragtor.133690
CAT-QuickHeal	Trojan.Stealer.S28360516
ALYac	Gen:Variant.Fragtor.133690
Cylance	Unsafe
VIPRE	Gen:Variant.Fragtor.133690
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Password-Stealer ( 005937271 )
K7GW	Password-Stealer ( 005937271 )
Cybereason	malicious.82f067
Cyren	W32/Agent.ENB.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/PSW.Agent.OOO
APEX	Malicious
ClamAV	Win.Malware.Fugrafa-9950512-0
Kaspersky	HEUR:Trojan.Win32.SelfDel.pef
BitDefender	Gen:Variant.Fragtor.133690
NANO-Antivirus	Trojan.Win32.SelfDel.jpepdv
Avast	Win32:Malware-gen
Tencent	Trojan.Win32.Selfdel.xb
Ad-Aware	Gen:Variant.Fragtor.133690
TACHYON	Trojan/W32.Fugrafa.26112
Emsisoft	Gen:Variant.Fragtor.133690 (B)
F-Secure	Heuristic.HEUR/AGEN.1234650
Zillya	Trojan.SelfDel.Win32.65008
McAfee-GW-Edition	GenericRXNV-VM!02E9DE582F06
FireEye	Generic.mg.02e9de582f067314
Sophos	ML/PE-A + Troj/PWS-CMJ
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Fragtor.133690
Jiangmin	Trojan.Selfdel.rft
Google	Detected
Avira	HEUR/AGEN.1234650
Antiy-AVL	GrayWare/Win32.SelfDef.a
Arcabit	Trojan.Fragtor.D20A3A
ZoneAlarm	HEUR:Trojan.Win32.SelfDel.pef
Microsoft	Trojan:Win32/Fragtor.EL!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Reputation.R496203
Acronis	suspicious
McAfee	GenericRXNV-VM!02E9DE582F06
MAX	malware (ai score=88)
VBA32	BScope.Trojan.Occamy
Malwarebytes	Malware.AI.3582201929
Rising	Stealer.Agent!1.DE3E (CLASSIC)
Ikarus	Trojan.DelFiles
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/SelfDef.26C0!tr
AVG	Win32:Malware-gen
Panda	Trj/Genetic.gen