Fragtor.27274 (B) removal

Fragtor.27274 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.27274 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Scheduled file move on reboot detected
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Created a process from a suspicious location
  • Creates a copy of itself

How to identify Fragtor.27274 (B)?


File Info:

name: AA218F833364B4C94F12.mlw
path: /opt/CAPEv2/storage/binaries/e172cbd3b02cfdfbff558b3a0784da5a45d19ea6755fed24807e82e6542a8ad3
crc32: EDD4D339
md5: aa218f833364b4c94f1285778e36869b
sha1: c24cd8280745281a0181e9140f296a6669091cce
sha256: e172cbd3b02cfdfbff558b3a0784da5a45d19ea6755fed24807e82e6542a8ad3
sha512: 66efd4c51e08db298a7d773bbeaff262b750f44a4997c682e3b68bccde51799046e3fff54cfa9c29d6a2df1441e1f207be9d102b66b51e87982efe95b8b6fcfd
ssdeep: 98304:ojycC1JHNskoPT8+r3jVG2zZIuje9dVwJ6k:oj9CNsNPQ+lGcZ3jadWAk
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T10EE533B1E3A30622E60C757E425614FDC88381BC5B45A88CD6C584DB83721796AFFDEE
sha3_384: 48992f14cd894c77671b59840754a0d1b609304f4f1d93a779aa0c10aae3aaa672ce4fd4cd9f72e941e7b403b4478d13
ep_bytes: 83ec04c70424000000005f51bb512836
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Fragtor.27274 (B) also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.27274
FireEye: Generic.mg.aa218f833364b4c9
ALYac: Gen:Variant.Fragtor.27274
VIPRE: Packer.NSAnti.Gen (v)
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00576fb91 )
Alibaba: Malware:Win32/km_280b22.None
K7GW: Trojan ( 00576fb91 )
Cybereason: malicious.807452
Arcabit: Trojan.Fragtor.D6A8A
Cyren: W32/CoinMiner.CQ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HITO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Copak.kyka
BitDefender: Gen:Variant.Fragtor.27274
Avast: Win32:CoinminerX-gen [Trj]
Tencent: Trojan.Win32.Coinminer.yi
Ad-Aware: Gen:Variant.Fragtor.27274
Sophos: Mal/Generic-R
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.Packed2.43250
Zillya: Trojan.Copak.Win32.160691
TrendMicro: TROJ_GEN.R002C0DL521
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
Emsisoft: Gen:Variant.Fragtor.27274 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Crypt.ULPM.Gen
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASBOL.C68B
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Injector.RAQ!MTB
GData: Gen:Variant.Fragtor.27274 (2x)
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.RL_Reputation.R364132
McAfee: GenericRXAA-FA!AA218F833364
VBA32: Trojan.Packed
Malwarebytes: Trojan.Crypt.UPX
TrendMicro-HouseCall: TROJ_GEN.R002C0DL521
Rising: Trojan.Kryptik!1.D12D (CLASSIC)
Ikarus: Trojan.Win32.Injector
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.EAHK!tr
BitDefenderTheta: Gen:NN.ZexaF.34062.epZ@a4bRzRd
AVG: Win32:CoinminerX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_80% (W)
MaxSecure: Virus.Sality.AA

How to remove Fragtor.27274 (B)?

Fragtor.27274 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.