
Should I remove “Fragtor.47981”?


Fragtor.47981 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Fragtor.47981 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Macedonian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify Fragtor.47981?


File Info:

name: 2290B3F2FCEF6EADD19C.mlw
path: /opt/CAPEv2/storage/binaries/8d326b14790d6744a81b3f5e10ba1e9f6cba583db8a8a76e273285e26ed1b377
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-06-09 08:40:32

Version Info:

FileVers: 65.51.36.16
ProductVersa: 7.50.25.71
InternalName: peatemas
LegalCopyrighd: Jdfglsdffa
Translations: 0x0169 0x0300

Fragtor.47981 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.2290b3f2fcef6ead
McAfee: Packed-GBE!2290B3F2FCEF
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_90% (W)
K7GW: Trojan ( 0058b78b1 )
K7AntiVirus: Trojan ( 0058b78b1 )
Cyren: W32/Kryptik.FXB.gen!Eldorado
Symantec: Packed.Generic.620
ESET-NOD32: a variant of Win32/Kryptik.HNOS
APEX: Malicious
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender: Gen:Variant.Fragtor.47981
MicroWorld-eScan: Gen:Variant.Fragtor.47981
Avast: Win32:CrypterX-gen [Trj]
Ad-Aware: Gen:Variant.Fragtor.47981
Emsisoft: Gen:Variant.Fragtor.47981 (B)
DrWeb: Trojan.PWS.StealerNET.113
McAfee-GW-Edition: Packed-GBE!2290B3F2FCEF
Ikarus: Trojan.Win32.Crypt
GData: Gen:Variant.Fragtor.47981
Microsoft: Trojan:Win32/Azorult.RM!MTB
AhnLab-V3: CoinMiner/Win.Glupteba.R456690
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34062.xq2@amVlvmfG
ALYac: Gen:Variant.Fragtor.47981
MAX: malware (ai score=88)
VBA32: Trojan.Agent
Malwarebytes: Trojan.MalPack.GS
Rising: Trojan.Kryptik!1.DAF8 (CLASSIC)
SentinelOne: Static AI – Malicious PE
eGambit: PE.Heur.InvalidSig
Fortinet: W32/Kryptik.HNOL!tr
AVG: Win32:CrypterX-gen [Trj]
Cybereason: malicious.0aafd4
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Fragtor.47981?

Fragtor.47981 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
