About “Fragtor.17021” infection

Fragtor.17021 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.17021 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Fragtor.17021?


File Info:

name: 1CEC5804E83D5A7C4243.mlw
path: /opt/CAPEv2/storage/binaries/f1997c075cf5cab23dde1f446a02ad7851a51b4bf1f587500135fb768eeaad66
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-08-27 14:04:13

Version Info:

CompanyName: 万能压缩
FileDescription: 万能压缩
FileVersion: 1.4.1.19814
InternalName: 万能压缩
LegalCopyright: Copyright (C) 2019
OriginalFilename: Sfx.exe
ProductName: 万能压缩
ProductVersion: 1,4,1,19814
Translation: 0x0804 0x04b0

Fragtor.17021 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Fragtor.4!c
MicroWorld-eScan: Gen:Variant.Fragtor.17021
FireEye: Generic.mg.1cec5804e83d5a7c
ALYac: Gen:Variant.Fragtor.17021
Arcabit: Trojan.Fragtor.D427D
BitDefenderTheta: Gen:NN.ZexaF.34294.wD1@aygI1elj
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R03BH09KL21
Paloalto: generic.ml
BitDefender: Gen:Variant.Fragtor.17021
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Fragtor.17021
Emsisoft: Gen:Variant.Fragtor.17021 (B)
McAfee-GW-Edition: BehavesLike.Win32.BrowseFox.th
Gridinsoft: Ransom.Win32.Sabsik.sa
GData: Gen:Variant.Fragtor.17021
Cynet: Malicious (score: 100)
McAfee: Artemis!1CEC5804E83D
MAX: malware (ai score=81)
VBA32: BScope.Adware.Puwaders
APEX: Malicious
Yandex: Trojan.GenAsa!VE4J7FCzFbg
AVG: Win32:Malware-gen

How to remove Fragtor.17021?

Fragtor.17021 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
