Categories: Malware

Should I remove “Fragtor.27219”?

The Fragtor.27219 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Fragtor.27219 virus can do?

  • Possible date expiration check, exits too soon after checking local time
  • Attempts to connect to a dead IP:Port (6 unique times)
  • Performs some HTTP requests
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Uses Windows utilities for basic functionality
  • Steals private information from local Internet browsers
  • Writes a potential ransom message to disk
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz
www.listincode.com
ocsp.digicert.com
iplogger.org
statuse.digitalcertvalidation.com
ocsp.comodoca.com
ocsp.usertrust.com
ocsp.sectigo.com
www.iyiqian.com
accounts.youtube.com
fonts.gstatic.com
r4—sn-3c27ln7y.gvt1.com
redirector.gvt1.com

How to determine Fragtor.27219?



File Info:

crc32: 970BE3BAmd5: d75e050965789445b01836c288e31962name: D75E050965789445B01836C288E31962.mlwsha1: f77985d3e4a908bdad2ac4bcb927427eb41205a5sha256: 2c0ff564fce52035e637147fb6aaeed4ef47a8aa51dd70bdd33eeab33ffec099sha512: 4ec362d3d87d0cd10d0ca6522cf2d9b928ccf01d1baaf1eea950a9f39671837033469cef1e978b1935c4ab2f90cc58bb5845b14376c39575a405afd97c9d86cbssdeep: 24576:IvpQrniqe1eamEdx56F/ur1aYWzpcXYxBd2R5oWWylGl/TMDPu:Cp0K1JwbEgzElWylGVTM7type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2019FileVersion: 1.0.0.1ProductVersion: 1.0.0.1Translation: 0x0409 0x04b0

Fragtor.27219 also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus Spyware ( 0054853f1 )
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
CAT-QuickHeal PUA.GenericRI.S23474139
ALYac Gen:Variant.Fragtor.27219
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_60% (W)
K7GW Spyware ( 0054853f1 )
Cybereason malicious.3e4a90
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Spy.Agent.PYV
APEX Malicious
Avast Win32:PWSX-gen [Trj]
ClamAV Win.Malware.Razy-9789744-0
Kaspersky HEUR:Trojan-PSW.Win32.Disbuk.gen
BitDefender Gen:Variant.Fragtor.27219
MicroWorld-eScan Gen:Variant.Fragtor.27219
Ad-Aware Gen:Variant.Fragtor.27219
Sophos Generic ML PUA (PUA)
BitDefenderTheta Gen:NN.ZexaF.34236.B90@aCVex@bj
McAfee-GW-Edition BehavesLike.Win32.Dropper.th
FireEye Generic.mg.d75e050965789445
Emsisoft Gen:Variant.Fragtor.27219 (B)
SentinelOne Static AI – Malicious PE
Jiangmin Trojan.PSW.Disbuk.dj
Microsoft Trojan:Win32/Sabsik.FL.B!ml
GData Gen:Variant.Fragtor.27219
McAfee Artemis!D75E05096578
MAX malware (ai score=86)
VBA32 BScope.Trojan.Agentb
Malwarebytes Spyware.Socelars
Panda Trj/Genetic.gen
Rising Stealer.FBAdsCard!1.CE03 (CLASSIC)
Fortinet W32/Socelars.S!tr.spy
AVG Win32:PWSX-gen [Trj]

How to remove Fragtor.27219?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: a.tomx.xyzaccounts.youtube.comfonts.gstatic.comFragtor.27219iplogger.orgocsp.comodoca.comocsp.digicert.comocsp.sectigo.comocsp.usertrust.comr4---sn-3c27ln7y.gvt1.comredirector.gvt1.comstatuse.digitalcertvalidation.comwww.iyiqian.comwww.listincode.comz.whorecord.xyz
2 years ago

Recent Posts

Win32:VB-OLS [Trj] removal

The Win32:VB-OLS [Trj] is considered dangerous by lots of security experts. When this infection is…

2 mins ago

How to remove “Trojan:Win32/Smokeloader.CCDO!MTB”?

The Trojan:Win32/Smokeloader.CCDO!MTB is considered dangerous by lots of security experts. When this infection is active,…

8 mins ago

Should I remove “TrojanDownloader:MSIL/RedLineStealer.KL!MTB”?

The TrojanDownloader:MSIL/RedLineStealer.KL!MTB is considered dangerous by lots of security experts. When this infection is active,…

29 mins ago

How to remove “Malware.AI.4139232050”?

The Malware.AI.4139232050 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

Win32.Backdoor.Agent.A information

The Win32.Backdoor.Agent.A is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Generic.Dacic.94CCEEA9.A.5494E6E2 (B) removal tips

The Generic.Dacic.94CCEEA9.A.5494E6E2 (B) is considered dangerous by lots of security experts. When this infection is…

2 hours ago