Fragtor.56152 (B) information

Fragtor.56152 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Fragtor.56152 (B) virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Portuguese (Brazil)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Fragtor.56152 (B)?

File Info:

name: B5265152428CDA92C505.mlw
path: /opt/CAPEv2/storage/binaries/94d54bcb9f8cd5ed9f2291366bb4de2d7fe75a18b003c4ec95746833244b0202
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-02-03 03:40:53

Version Info:

CompanyName: Mapphew Sunnybridgte
FileDescription: Mapphew Sunnybridgte
FileVersion: 23.55.21.66
InternalName: Mapphew Sunnybridgte
LegalCopyright: Mapphew Sunnybridgte
LegalTrademarks: Mapphew Sunnybridgte
OriginalFilename: Mapphew Sunnybridgte
ProgramID: Mapphew Sunnybridgte
ProductName: Mapphew Sunnybridgte
ProductVersion: 23.55.21.66
Comments: Mapphew Sunnybridgte
Translation: 0x0416 0x04e4

Fragtor.56152 (B) also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.56152
FireEye: Generic.mg.b5265152428cda92
McAfee: Artemis!B5265152428C
Alibaba: Trojan:Win32/GenKryptik.48955e04
BitDefenderTheta: Gen:NN.ZelphiF.34182.@V0@aGaX2Jhk
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FPAH
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Fragtor.56152
Avast: Win32:TrojanX-gen [Trj]
Emsisoft: Gen:Variant.Fragtor.56152 (B)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: UDS:DangerousObject.Multi.Generic
GData: Gen:Variant.Fragtor.56152
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Fragtor.56152
MAX: malware (ai score=84)
Malwarebytes: Trojan.MalPack.DLF
Rising: Trojan.GenKryptik!8.AA55 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.FPAH!tr
AVG: Win32:TrojanX-gen [Trj]

How to remove Fragtor.56152 (B)?

Fragtor.56152 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
