Fragtor.39861 information

Fragtor.39861 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.39861 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • HTTPS urls from behavior.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Fragtor.39861?


File Info:

name: 60B00C98DF5AF7F9C712.mlw
path: /opt/CAPEv2/storage/binaries/7932bc39e91083baf2789b673a144881aa2c561839e61c86eab6d8d6b0e82b00
crc32: 0D81309C
md5: 60b00c98df5af7f9c7129694f00147ac
sha1: 204a6c423510095b1ed5f294fac3f473ebe1a64e
sha256: 7932bc39e91083baf2789b673a144881aa2c561839e61c86eab6d8d6b0e82b00
sha512: b1c232ef64c206819466b7ff6b56b418c123e630cc9f7b7e7ac4ad896f9845c57a1a23a5a97881dc01acd5c79257b53c216952c507cd3d4df390dd7799d0a997
ssdeep: 1536:a1Sa8FtMy8v61vUFRCW5qhsdSrl8Cnouy8xl:28FtMyW6+bn9Araaoutxl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15343F1F1D2FA2205C0FD9A329CFD52C7A2B4E964A48DC87C5B91195E9C34F08BF42A5D
sha3_384: 30fd4cf48d34db790fdbe9e981db509707390c58fafe3dd74017d8f1fbd1164f08c9a5dfa9d0aec9c2fa0c0b1cfa8c3b
ep_bytes: 60be004043008dbe00d0fcff5789e58d
timestamp: 2011-07-17 08:09:14

Version Info:

Translation: 0x0409 0x04b0
Comments: Nielson Hellenic
CompanyName: Amerada Neapolitan Cavendish Offenbach
FileDescription: Pulitzer Keats
LegalCopyright: Stonehenge Philistine Britannic Regulus Frau
ProductName: Bengal Ingram
FileVersion: 4.09.0008
ProductVersion: 4.09.0008
InternalName: qf
OriginalFilename: qf.exe

Fragtor.39861 also known as:

Lionic: Trojan.Win32.AntiAV.llR6
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.39861
ClamAV: Win.Trojan.Jorik-1404
FireEye: Gen:Variant.Fragtor.39861
ALYac: Gen:Variant.Fragtor.39861
Malwarebytes: Backdoor.Bot
VIPRE: Gen:Variant.Fragtor.39861
Alibaba: TrojanClicker:Win32/Jorik.90a73ec6
BitDefenderTheta: AI:Packer.D79B4CBB20
Cyren: W32/VBInject.BL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanClicker.Agent.NII
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Jorik.Buterat.cr
BitDefender: Gen:Variant.Fragtor.39861
NANO-Antivirus: Trojan.Win32.Jorik.fvdva
Avast: Win32:Cambot-O [Trj]
Tencent: Win32.Trojan.Jorik.Rqil
Emsisoft: Gen:Variant.Fragtor.39861 (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: BackDoor.Butirat.24
Zillya: Trojan.Jorik.Win32.9508
McAfee-GW-Edition: BehavesLike.Win32.Generic.qc
Trapmine: malicious.high.ml.score
Sophos: Mal/VBCheMan-A
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Jorik.fjjt
Webroot: W32.Malware.Gen
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Win32.SGeneric
Xcitium: TrojWare.Win32.Agent.~kst@3yda0g
Arcabit: Trojan.Fragtor.D9BB5
GData: Gen:Variant.Fragtor.39861
Google: Detected
McAfee: PWS-Zbot.gen.bas
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Jorik
Cylance: unsafe
Rising: Dropper.Generic!8.35E (CLOUD)
Yandex: Trojan.CL.Agent!N27ZR75XAps
Ikarus: Worm.Win32.Vobfus
Fortinet: W32/VBKrypt.EEQS!tr
AVG: Win32:Cambot-O [Trj]
Panda: Generic Malware

How to remove Fragtor.39861?

Fragtor.39861 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
