Fragtor.158948 malicious file

Fragtor.158948 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.158948 virus do?

  • HTTPS urls from behavior.
  • CAPE extracted potentially suspicious content
  • A HTTP/S link was seen in a script or command line
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Attempts to execute suspicious powershell command arguments
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.158948?


File Info:

name: 5941844038744F190409.mlw
path: /opt/CAPEv2/storage/binaries/0468bfd48e6d27ed37608ce603561d41afa6ccc6aa96a217828229c3829c174a
crc32: 48EAC71A
md5: 5941844038744f1904092a18eb8b7f9e
sha1: a0a295e8cfa89dc7d77d8b3e54a120deab7364b8
sha256: 0468bfd48e6d27ed37608ce603561d41afa6ccc6aa96a217828229c3829c174a
sha512: 4be2f31c2ac795ac651daf4978e8a9e0e1da73fcabfdb028bccd8bbb346a967ec08bc6ff6dda34d0171f796b175e2f90410a373bb864507b53559ca29398b3ff
ssdeep: 3072:fZBQ8K0eSAA6A9VaWtDwyuRn8+zJmhLg7FDm4Mo1OwfhpK:fzQq6KN6n8STvhpK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T162B35B1276D1C137F6762A3154A7ED508A3EFD700A2CCFEB7B82053D4A245C1BA27E66
sha3_384: ca248cfff06ae7cba06419b84b03314cde11fb865714985d2cb2719bcf4589d924f51839056949c0a0f619f053ae6696
ep_bytes: e8a3040000e98efeffff558becff7508
timestamp: 2022-11-03 16:58:56

Version Info:

CompanyName: Reader
FileDescription: PDF
FileVersion: 1.0.0.1
InternalName: loader.exe
LegalCopyright: Copyright (C) 2022
OriginalFilename: loader.exe
ProductName: PDF Reader
ProductVersion: 1.0.0.1
Translation: 0x0409 0x04b0

Fragtor.158948 also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Fragtor.158948
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (D)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan-Downloader.Win32.PsDownload.gen
BitDefender: Gen:Variant.Fragtor.158948
Avast: Win32:DropperX-gen [Drp]
Ad-Aware: Gen:Variant.Fragtor.158948
Emsisoft: Gen:Variant.Fragtor.158948 (B)
FireEye: Generic.mg.5941844038744f19
GData: Gen:Variant.Fragtor.158948
MAX: malware (ai score=83)
ZoneAlarm: UDS:Trojan-Downloader.Win32.PsDownload.gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
VBA32: suspected of Trojan.Downloader.gen
Rising: Trojan.Generic@AI.88 (RDML:lG5h3AaJsqYDjfFlNeoD2A)
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaF.34754.hC0@a0Dfv4ni
AVG: Win32:DropperX-gen [Drp]

How to remove Fragtor.158948?

Fragtor.158948 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
