Fragtor.21761 information

Malware Removal

Fragtor.21761 is flagged as malicious by most of the antivirus engines listed further down this page. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial version lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can the Fragtor.21761 virus do?

The following behaviours were reported by the CAPE sandbox for this sample:

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Anomalous file deletion behavior detected (10+)
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Uses csc.exe C# compiler to build and execute code
  • Uses suspicious command line tools or Windows utilities

How to identify Fragtor.21761?

File Info:

name: 42732E44F64A69309AD9.mlw
path: /opt/CAPEv2/storage/binaries/816e4f5344de8f66c581ac86f814cabf5a0be88e1476167850695400f2fbc1dc
crc32: F2573850
md5: 42732e44f64a69309ad90edb3b818d91
sha1: f280b1b0fa6f1ac4d7c873e06b11ef9dfbf57e68
sha256: 816e4f5344de8f66c581ac86f814cabf5a0be88e1476167850695400f2fbc1dc
sha512: 9098272bf6539d69b471dc3adefaed18bf3a0a7db81fd48b54b41f4d7b5e45ca0b35fbea2d07e1ad275dbf0f4a3171f7ba57be630c4713eec9f212e8793223d8
ssdeep: 98304:5XCV9WE8cREhr/lwjhre5YMIyjqUuNJ4V9:5KjJGrNwjZeUyuUr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T156063353BCE21C7BF8B2F4B482208F94573A3E5D4F4DCB0921D4F25A39B56A31152ADA
sha3_384: 58e280899c503c6ade419bdf2db7f53f54ea7cf5905b20c186ea39e94934c78ddff22df63937f6d66f32e041d241eb0c
ep_bytes: 60be0080a0008dbe00909fff5783cdff
timestamp: 2019-03-15 14:44:06

Version Info:

CompanyName: OK-QQ计数器
FileDescription: www.ok1816.com
FileVersion: 5.0.0.166
InternalName: www.ok1816.com
LegalCopyright: Copyright (C) OK计数器 2019
OriginalFilename: OK-QQ计数器 个人版.exe
ProductName: OK统计
ProductVersion: 5.0.0.166
Translation: 0x0009 0x04b0
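
The File Info block gives you everything needed to confirm whether a suspicious file on disk is this sample without uploading it anywhere: the digests, the entry-point bytes, and (via the "compressed using UPX" and "unknown PE section name" signatures above) the packer fingerprint. The script below is an added example, not code from GridinSoft or from the CAPE sandbox. It hashes a file exactly as the File Info block does, matches the digests against the page's own md5/sha1/sha256 values, checks the ep_bytes value against the wildcard pattern of the standard 32-bit UPX unpacking stub (pushad; mov esi, imm32; lea edi, [esi+disp32]; push edi; or ebp, -1), and reads section names straight out of the PE section table with a minimal struct-based parser so it needs no third-party module. The "usual section names" set is an assumed heuristic, and the minimal PE header built by build_sample_pe is a constructed test input, not the malware sample.

```python
"""Triage helper for the indicators in the File Info block above.

Added example (not code from GridinSoft or CAPE): hashes a file the way
the File Info block does, matches the digests against the page's IOCs,
checks the entry-point bytes for the standard 32-bit UPX unpacking stub,
and reads section names out of the PE section table without pefile.
"""
import hashlib
import struct
import zlib

# Digests copied from the File Info block on this page.
FRAGTOR_21761_IOCS = {
    "md5": "42732e44f64a69309ad90edb3b818d91",
    "sha1": "f280b1b0fa6f1ac4d7c873e06b11ef9dfbf57e68",
    "sha256": "816e4f5344de8f66c581ac86f814cabf5a0be88e1476167850695400f2fbc1dc",
}

# pushad; mov esi, imm32; lea edi, [esi+disp32]; push edi; or ebp, -1
# opens the classic 32-bit UPX decompression stub. None = wildcard byte.
UPX_STUB = [0x60, 0xBE, None, None, None, None,
            0x8D, 0xBE, None, None, None, None,
            0x57, 0x83, 0xCD, 0xFF]

# Section names a normal compiler/linker emits (assumed set; a heuristic only).
USUAL_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                  ".edata", ".bss", ".tls", ".pdata", ".CRT"}


def file_hashes(data: bytes) -> dict:
    """Return the digests the File Info block lists, as lowercase hex."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def matches_iocs(data: bytes, iocs: dict = FRAGTOR_21761_IOCS) -> list:
    """Names of the digests in `iocs` that `data` reproduces (empty = no match)."""
    ours = file_hashes(data)
    return [name for name, value in iocs.items() if ours.get(name) == value.lower()]


def looks_like_upx_entry(ep_bytes_hex: str) -> bool:
    """True when the entry-point bytes start with the UPX stub pattern."""
    ep = bytes.fromhex(ep_bytes_hex)
    if len(ep) < len(UPX_STUB):
        return False
    return all(want is None or got == want for got, want in zip(ep, UPX_STUB))


def section_names(data: bytes) -> list:
    """Section names from a PE32 file's section table (minimal parser)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]        # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    n_sections = struct.unpack_from("<H", data, pe_off + 6)[0]
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]
    table = pe_off + 24 + opt_size                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(n_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def packer_sections(names: list) -> list:
    """Section names outside the usual set, e.g. UPX0/UPX1 left behind by UPX."""
    return [n for n in names if n not in USUAL_SECTIONS]


def triage(data: bytes, ep_bytes_hex: str) -> dict:
    """One-shot summary combining the three checks."""
    return {
        "ioc_matches": matches_iocs(data),
        "upx_entry_stub": looks_like_upx_entry(ep_bytes_hex),
        "unusual_sections": packer_sections(section_names(data)),
    }


def build_sample_pe(sections: list) -> bytes:
    """Constructed minimal PE32 header (not runnable, not the page's sample)
    with the given section names, so the parser can be exercised offline."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)           # PE32 magic, rest zero
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for n in sections)
    return dos + b"PE\0\0" + coff + opt + table


if __name__ == "__main__":
    sample = build_sample_pe(["UPX0", "UPX1", ".rsrc"])
    print(file_hashes(sample)["sha256"])
    # The entry-point bytes here are the ep_bytes value from the File Info block.
    print(triage(sample, "60be0080a0008dbe00909fff5783cdff"))
```

To use it on a real file, read the bytes with open(path, "rb").read() and pass them to triage together with the first 16 bytes at the entry point. A digest match is conclusive; the UPX stub and section-name checks only say the file is packed the same way, which is why the vendors above that name the packer (ESET's Win32/Packed.AAuto.A, ClamAV's Win.Malware.Aauto) should not be read as identifying this exact sample.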

Fragtor.21761 also known as:

Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.21761
FireEye: Generic.mg.42732e44f64a6930
ALYac: Gen:Variant.Fragtor.21761
BitDefender: Gen:Variant.Fragtor.21761
BitDefenderTheta: Gen:NN.ZexaF.34606.SpKfau6LfKiG
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.AAuto.A suspicious
ClamAV: Win.Malware.Aauto-9839278-0
Kaspersky: VHO:Trojan.Win32.Convagent.gen
NANO-Antivirus: Trojan.Win32.Strictor.fhdasm
APEX: Malicious
Rising: Trojan.Generic@AI.93 (RDMK:cmRtazq71dhAh3odLPNL/ZTOeARZ)
Ad-Aware: Gen:Variant.Fragtor.21761
Sophos: Generic ML PUA (PUA)
Zillya: Trojan.GenericKD.Win32.208138
Emsisoft: Gen:Variant.Fragtor.21761 (B)
GData: Gen:Variant.Fragtor.21761
Jiangmin: Trojan.Generic.cqisc
Avira: HEUR/AGEN.1210216
MAX: malware (ai score=88)
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R450412
VBA32: TrojanDownloader.Banload
Yandex: Trojan.GenAsa!Nly9AoXnxJE
SentinelOne: Static AI - Malicious PE
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Fragtor.21761?

Fragtor.21761 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
