Fragtor.147817 removal instructions

Fragtor.147817 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.147817 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • CAPE detected the VMProtectStub malware family

How to identify Fragtor.147817?


File Info:

name: ED49AAD0AA6707BA06D9.mlw
path: /opt/CAPEv2/storage/binaries/d3bd62ba2cde978dc2a3e5bd0562b0b95c8072922ec9b72353ad7dc42eb3a97c
crc32: EA9220CA
md5: ed49aad0aa6707ba06d9124fd80d6942
sha1: b1741b3ab320cd93a076813ba1276691cc6f325f
sha256: d3bd62ba2cde978dc2a3e5bd0562b0b95c8072922ec9b72353ad7dc42eb3a97c
sha512: 24a7f31fb0b46d3454a74bc437753169393e7293fda62cc9a55f1d1f26d609d68fecf6f60b86604fae7645beaf06b9dd74a139536d38466b4620e05aed3691bc
ssdeep: 98304:bOgPEpcve/c1XBBThYIu8AmBg5ctWfOUh3UMk4/ADDDCBQLCUVUzjktByB2a3Wj:bOgPEGkcfDY8Amk5Jv6PAQLC9zfBW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AE563383A33FCE43F7CA8D7C81EDEE2291A24FE876238641D9153872D551A8F1DB2156
sha3_384: 5f1991c9c3d79dd2dc8674e19041ad1986352d2ac75ace977dd15e92b1132680c1706b10f7d4a03bc523193bbf0a89d9
ep_bytes: 9c60e94d74feff7cb0a829e5748b4a45
timestamp: 2022-08-18 10:05:45

Version Info:

CompanyName:
FileDescription:
FileVersion: 1.1.0.0
InternalName:  
LegalCopyright:
LegalTrademarks:
OriginalFilename:
ProductName: 星河登陆器
ProductVersion: Pnoenixer 
Comments:
Translation: 0x0804 0x03a8

Fragtor.147817 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.147817
FireEye: Generic.mg.ed49aad0aa6707ba
Cylance: Unsafe
VIPRE: Gen:Variant.Fragtor.147817
K7AntiVirus: Trojan ( 00532c651 )
Alibaba: Trojan:Win32/OnLineGames.c551e002
K7GW: Trojan ( 00532c651 )
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: Trojan.Fragtor.D24169
BitDefenderTheta: Gen:NN.ZexaF.34698.@V3@aaN35tmb
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Woool.F
TrendMicro-HouseCall: TROJ_GEN.R03BH0CIQ22
Kaspersky: Trojan-GameThief.Win32.OnLineGames.allir
BitDefender: Gen:Variant.Fragtor.147817
Cynet: Malicious (score: 100)
Avast: Win32:DropperX-gen [Drp]
Tencent: Win32.Trojan-GameThief.Onlinegames.Timw
Ad-Aware: Gen:Variant.Fragtor.147817
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.AutoRun.tc
SentinelOne: Static AI – Malicious PE
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Fragtor.147817 (B)
APEX: Malicious
Avira: HEUR/AGEN.1250454
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASMalwS.4B05
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Fragtor.147817
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C4704901
ALYac: Gen:Variant.Fragtor.147817
Malwarebytes: Trojan.GameThief
Rising: Trojan.Generic@AI.99 (RDML:TAwl+cp2ad9mLeTaJHCoSQ)
Ikarus: Trojan.Win32.Woool
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Woool.F!tr
AVG: Win32:DropperX-gen [Drp]
Cybereason: malicious.ab320c

How to remove Fragtor.147817?

Fragtor.147817 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
