What is "Fragtor.43105 (B)"?

The Fragtor.43105 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Fragtor.43105 (B) virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Behavioural detection: Executable code extraction – unpacking
Yara rule detections observed from a process memory dump/dropped files/CAPE
Creates RWX memory
Dynamic (imported) function loading detected
Performs HTTP requests potentially not found in PCAP.
CAPE extracted potentially suspicious content
Unconventionial language used in binary resources: Urdu (India)
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the OnlyLogger malware family
Attempts to modify proxy settings

Related domains:

postbackstat.biz

wpad.local-net

forwardstorage.biz

How to determine Fragtor.43105 (B)?


File Info:
name: 1398943B8E6FB85F702A.mlw
path: /opt/CAPEv2/storage/binaries/c4fff9c2344b9fa3cc4b40b50716ee7bf719c0121bbd6aa278d96d4519450353
crc32: 1540177F
md5: 1398943b8e6fb85f702a2e247158b020
sha1: 84f2dc9fcb0016350b14ef488a48faa466707b5c
sha256: c4fff9c2344b9fa3cc4b40b50716ee7bf719c0121bbd6aa278d96d4519450353
sha512: 0a42b7fcb2811aabdea48b440d334dc693a5467f062bfbc876d18efe15777e0e84db7a46c5fb1201c62763dc10c1cfd3593485390faf80877438a63cd274f0e1
ssdeep: 6144:imPWFxxvKLbdzZQSxbZdr6VXQvbg9Ts0nHjMJh3pCEYS:imuFxx6bT7QXWGjMJdp7X
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B054E05133E28533E5A737345934EB620ABBBDB26930C28B6758366D9E723C05E35783
sha3_384: 1fc88fb86786a1e2fbc33471ead2e081aaa607ee26f4c81290ecebe5b25c4b976835a103bf21a5153d1f16e9e3624c1c
ep_bytes: e8683b0000e989feffffcccccccccccc
timestamp: 2021-04-25 23:02:01

Version Info:
InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.37.25
Translation: 0x0117 0x046a

Fragtor.43105 (B) also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
McAfee	GenericRXQU-HP!1398943B8E6F
Malwarebytes	Trojan.MalPack.GS
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 0058aa4d1 )
K7AntiVirus	Trojan ( 0058aa4d1 )
Cyren	W32/Kryptik.FUG.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HNKB
APEX	Malicious
Kaspersky	VHO:Trojan-Downloader.Win32.Agent.gen
BitDefender	Trojan.GenericKDZ.80582
MicroWorld-eScan	Gen:Variant.Midie.104503
Avast	Win32:CrypterX-gen [Trj]
Ad-Aware	Gen:Variant.Midie.104503
Emsisoft	Gen:Variant.Fragtor.43105 (B)
McAfee-GW-Edition	BehavesLike.Win32.Lockbit.dc
FireEye	Generic.mg.1398943b8e6fb85f
Sophos	ML/PE-A + Troj/Krypt-BO
Ikarus	Trojan-Ransom.StopCrypt
GData	Win32.Trojan.BSE.1XTFOTC
Arcabit	Trojan.Midie.D19837
Microsoft	Ransom:Win32/StopCrypt.PU!MTB
AhnLab-V3	Trojan/Win.MalPE.R451835
Acronis	suspicious
ALYac	Gen:Variant.Fragtor.43105
VBA32	Malware-Cryptor.2LA.gen
Cylance	Unsafe
Rising	Malware.Heuristic!ET#85% (RDMK:cmRtazoD+gzs5pmZ3cR7kaMDeZ6E)
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Kryptik.HNKE!tr
BitDefenderTheta	Gen:NN.ZexaF.34294.sq0@aa7li5lO
AVG	Win32:CrypterX-gen [Trj]
Cybereason	malicious.fcb001
MaxSecure	Trojan.Malware.300983.susgen

How to remove Fragtor.43105 (B)?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Fragtor.43105 (B)”?