
Fragtor.27680 malicious file


Fragtor.27680 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.27680 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Scheduled file move on reboot detected
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Created a process from a suspicious location
  • Creates a copy of itself

How to identify Fragtor.27680?


File Info:

name: 8328239F96AE9F5442F3.mlw
path: /opt/CAPEv2/storage/binaries/7e10f54e9dcfdd3d6dce2ab5e4b1508e8e31d295e469cc58e9e3094673011b4e
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Fragtor.27680 also known as:

Bkav                  W32.AIDetect.malware1
Lionic                Riskware.Win32.BitCoinMiner.1!c
Elastic               malicious (high confidence)
MicroWorld-eScan      Gen:Variant.Fragtor.27680
FireEye               Gen:Variant.Fragtor.27680
McAfee                GenericRXAA-FA!8328239F96AE
Cylance               Unsafe
Sangfor               Suspicious.Win32.Save.a
K7AntiVirus           Trojan ( 0057ffc71 )
Alibaba               Trojan:Win32/Injector.5914f110
K7GW                  Trojan ( 005762bf1 )
BitDefenderTheta      Gen:NN.ZexaF.34294.XmW@aGoqVKk
Cyren                 W32/CoinMiner.CQ.gen!Eldorado
ESET-NOD32            a variant of Win32/Kryptik.HITO
TrendMicro-HouseCall  TROJ_GEN.R002C0DKR21
Paloalto              generic.ml
Kaspersky             not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner.vho
BitDefender           Gen:Variant.Fragtor.27680
Avast                 Win32:CoinminerX-gen [Trj]
Tencent               Trojan.Win32.Coinminer.yi
Ad-Aware              Gen:Variant.Fragtor.27680
Sophos                Mal/HckPk-A
Comodo                Packed.Win32.MUPX.Gen@24tbus
DrWeb                 Trojan.Packed2.43250
TrendMicro            TROJ_GEN.R002C0DKR21
SentinelOne           Static AI – Malicious PE
Emsisoft              Gen:Variant.Fragtor.27680 (B)
APEX                  Malicious
GData                 Gen:Variant.Fragtor.27680
Avira                 TR/Crypt.ULPM.Gen
Antiy-AVL             Trojan/Generic.ASBOL.C68A
Gridinsoft            Ransom.Win32.Gen.sa
Microsoft             Trojan:Win32/Injector.RAQ!MTB
Cynet                 Malicious (score: 100)
AhnLab-V3             Malware/Gen.Reputation.C4320207
VBA32                 Trojan.Packed
ALYac                 Gen:Variant.Fragtor.27680
MAX                   malware (ai score=87)
Malwarebytes          Trojan.Crypt.UPX
Rising                Trojan.Kryptik!1.D238 (CLASSIC)
Ikarus                Trojan.Win32.Injector
eGambit               Unsafe.AI_Score_99%
Fortinet              W32/Kryptik.EAHK!tr
AVG                   Win32:CoinminerX-gen [Trj]
Panda                 Trj/Genetic.gen
CrowdStrike           win/malicious_confidence_100% (W)
MaxSecure             Trojan.Malware.300983.susgen

How to remove Fragtor.27680?

Fragtor.27680 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
