Adware Reports malware removal guides and threat research Updated security instructions for Windows users
Home/Malware
Threat report

Fragtor.503155 malicious file

Published Feb 12, 2024 Malware category 2 min read
Report context

What to verify before removal

This report keeps Fragtor.503155 malicious file in the active library because the detection has enough technical context to support a careful second-opinion scan and cleanup decision.

Start by comparing the local file name with 939B9A47BA3A9482BEED.mlw, then review the behavior notes for persistence entries, dropped files, unusual processes, and browser or network changes. This helps separate a matching detection from a different file that only shares a similar alert name.

Observed file
939B9A47BA3A9482BEED.mlw
  • Compare the suspicious file name with 939B9A47BA3A9482BEED.mlw.
  • Confirm the detection name matches Fragtor.503155 malicious file before removing related files.
  • Review the report for persistence entries, dropped files, unusual processes, and browser or network changes so the cleanup is based on observed behavior, not only the label.
  • Run a full scan, quarantine confirmed detections, and restart before signing back in to sensitive accounts.

The Fragtor.503155 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Fragtor.503155 virus can do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine Fragtor.503155?



File Info:

name: 939B9A47BA3A9482BEED.mlw
path: /opt/CAPEv2/storage/binaries/a45d6d000265cfc6a617ce0ab0d3df3b7cab357df9d13f7ac51ad254c4e9f086
crc32: EC012216
md5: 939b9a47ba3a9482beeda7d6124c0633
sha1: 5cb09e940337a95acacf2a399fe4997fbe561468
sha256: a45d6d000265cfc6a617ce0ab0d3df3b7cab357df9d13f7ac51ad254c4e9f086
sha512: d85b2e0293f5fab051e2446a79c6460030495caa38f65f45bfe0ff4ce791790750d206a886f5c462382d91cce6bbf2086a0882ef70fa1f21eeccd2ab82cd2075
ssdeep: 768:lZqZfP2wSwGSwJZ2bY0ePP3lLuzZPKqE+UNYEjoR5:lIZ32w+xsDePP3lLuBZE+jEm
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T110E2D8597E444DEBE960173C80E7C7762A7DF050CB234B62F650B7308A337A2619B66E
sha3_384: 62b9311eee4365ec402c2d5615a1b496dcbb83aee600a9142d3439f120bb408982793da5c28174ed8d8ae2061c94f01a
ep_bytes: 57565383ec108b5c24248b7424208b7c
timestamp: 2024-02-09 01:22:28


Version Info:

0: [No Data]

Fragtor.503155 also known as:

Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win32.Injector.nm
McAfee RDN/Generic.hbg
VIPRE Gen:Variant.Fragtor.503155
ESET-NOD32 a variant of Win32/Agent_AGen.DEA
BitDefender Gen:Variant.Fragtor.503155
MicroWorld-eScan Gen:Variant.Fragtor.503155
Avast FileRepMalware [Misc]
Emsisoft Gen:Variant.Fragtor.503155 (B)
F-Secure Trojan.TR/Agent_AGen.fgqao
FireEye Gen:Variant.Fragtor.503155
Avira TR/Agent_AGen.fgqao
Antiy-AVL Trojan/Win32.Wacatac
Microsoft Trojan:Win32/Wacatac.B!ml
Arcabit Trojan.Fragtor.D7AD73
GData Gen:Variant.Fragtor.503155
AhnLab-V3 Trojan/Win.Generic.R634665
BitDefenderTheta Gen:NN.ZedlaF.36744.c46@a8rkLXh
MAX malware (ai score=82)
Rising Trojan.Agent!8.B1E (CLOUD)
Fortinet W32/Agent.DDP!tr
AVG FileRepMalware [Misc]
DeepInstinct MALICIOUS

How to remove Fragtor.503155?

Recommended second-opinion scan

Verify the infection before changing system settings

Use GridinSoft Anti-Malware to run a full scan, review detected persistence entries, and quarantine confirmed threats before restarting Windows.

Download GridinSoft Anti-Malware
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.