Fragtor.46790 (B) information

Fragtor.46790 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.46790 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Oriya
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family

How to identify Fragtor.46790 (B)?

File Info:

name: AAFA6420DCFDE68BD3AA.mlw
path: /opt/CAPEv2/storage/binaries/70a9614564fa220eac7cb1eddebb06e2f56193aa162e70c09f89e88d6374e728
crc32: 2AE51380
md5: aafa6420dcfde68bd3aa74bd0dec8cb7
sha1: ef5a6294934aec200ce3f2a58fa8b2f2db87e31d
sha256: 70a9614564fa220eac7cb1eddebb06e2f56193aa162e70c09f89e88d6374e728
sha512: 58256e3eaeabf2b79a7e3f483c7849051fd55143a48fd3c11d0c2392c9a023b66159f5e0dd5dfc3457cb718543f565a5c83ed28864ffbfe8b82c78c5c066c179
ssdeep: 6144:Ir+LgFWQbU4tqQO86CJef6b7Wrx5IemDQ3uNa8LGdouzbgwu6L7ITsqSigaTwVfr:Y+cP4UL6CYf61ZAu08LGCunnn7s
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F984D0F179BD8871C5337D3074608AE45A2BBC12E9605106BA74579E2EB3BDC8DE132E
sha3_384: d5b143ac166de6b7deeb45b5afd6245321cf138781335e906161e86bd778700559f712de0b94027272339b35e080015a
ep_bytes: e883340000e979feffffcccccccccccc
timestamp: 2021-03-13 06:30:54

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 13.54.77.27
Translation: 0x0127 0x046a

Fragtor.46790 (B) also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.46790
FireEye: Generic.mg.aafa6420dcfde68b
McAfee: Lockbit-FSWW!AAFA6420DCFD
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.34062.xy0@a8awIMKG
Cyren: W32/Kryptik.FWV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: UDS:Trojan-Spy.Win32.Stealer.gen
BitDefender: Gen:Variant.Fragtor.46790
Ad-Aware: Gen:Variant.Fragtor.46790
Sophos: ML/PE-A + Troj/Krypt-BO
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Emsisoft: Gen:Variant.Fragtor.46790 (B)
GData: Gen:Variant.Fragtor.46790
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
ALYac: Gen:Variant.Fragtor.46790
MAX: malware (ai score=85)
Malwarebytes: Trojan.MalPack.GS
Rising: Trojan.Generic@ML.87 (RDML:hvh1qxKG66I+kBfbH0FuJQ)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Cybereason: malicious.4934ae

How to remove Fragtor.46790 (B)?

Fragtor.46790 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.