Malware

What is “Application.Razy.220967”?

Application.Razy.220967 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Application.Razy.220967 virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Possible date expiration check: exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Application.Razy.220967?

File Info:

name: 580AA211C48EF59D73C5.mlw
path: /opt/CAPEv2/storage/binaries/439fa1a8dce2667819b86f6fa967f790381de7a965034704737a9913544859cd
crc32: 89560A2E
md5: 580aa211c48ef59d73c5c85ffb39a614
sha1: cbacedf204ae5f6136aaae9105e09a71077b88b7
sha256: 439fa1a8dce2667819b86f6fa967f790381de7a965034704737a9913544859cd
sha512: 39033868c40ecf26c7d9a1246bfd838826613c7dd5ce1e1f868cd593fc9185b9959b420b44324b0474a0c8c19e2e9efab62113314c2ccf8f3c603162680851a3
ssdeep: 12288:FGJFpmJJQ7R4Bt7KI3rEUSLpUDRzFnRUnYYTVG:F0a894X7KZzpU9zdRgTU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EC941297D30554A1CA8602316932435CA737EFE80DA6D7970B1CB2233FFB6EB5C4295A
sha3_384: cfc28998416ee20e7d228d5c5789d5ea92aaa4ff8c352ceabe37f01923e05908ca26a4bdd9036f8ce03283dc1b9d55f8
ep_bytes: eb05c5b77dd1c650eb0133e812000000
timestamp: 2022-01-29 07:56:01

Version Info:

CompanyName: rubycolTFio0red Software
FileDescription: discobXpliwge
FileVersion: 38.86.22.24
InternalName: motunt7ebank
LegalCopyright: Copyright (C) 2019-2022 by rubycolTFio0red Software.
OriginalFilename: regula3ritKy.exe
ProductName: cloakJ9maker
ProductVersion: 14.48.31.41
Translation: 0x0000 0x04b0

Application.Razy.220967 is also known as (vendor: detection name):

  • Bkav: W32.AIDetect.malware2
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Application.Razy.220967
  • FireEye: Generic.mg.580aa211c48ef59d
  • ALYac: Gen:Variant.Application.Razy.220967
  • Cylance: Unsafe
  • Sangfor: Spyware.Win32.Stealer.baxc
  • K7AntiVirus: Riskware ( 00584baa1 )
  • K7GW: Riskware ( 00584baa1 )
  • Cybereason: malicious.1c48ef
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Win32/Packed.Obsidium.FP
  • APEX: Malicious
  • Paloalto: generic.ml
  • Kaspersky: Trojan-Spy.Win32.Stealer.baxc
  • BitDefender: Gen:Variant.Application.Razy.220967
  • Avast: Win32:Trojan-gen
  • Tencent: Win32.Trojan-spy.Stealer.Stug
  • Sophos: Generic ML PUA (PUA)
  • TrendMicro: TROJ_GEN.R049C0PB222
  • McAfee-GW-Edition: RDN/Generic PWS.y
  • Emsisoft: Gen:Variant.Application.Razy.220967 (B)
  • Ikarus: Packed.Win32.Krap
  • Antiy-AVL: Trojan/Generic.ASMalwS.351E764
  • Microsoft: Exploit:Win32/ShellCode!ml
  • GData: Gen:Variant.Application.Razy.220967
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win.Generic.R469412
  • McAfee: RDN/Generic PWS.y
  • MAX: malware (ai score=72)
  • VBA32: BScope.Trojan.Injuke
  • Malwarebytes: Trojan.MalPack
  • TrendMicro-HouseCall: TROJ_GEN.R049C0PB222
  • Rising: Trojan.Occamy!8.F1CD (CLOUD)
  • Yandex: Trojan.GenAsa!0B4ddvRpm/c
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.139151970.susgen
  • Fortinet: Malicious_Behavior.SB
  • BitDefenderTheta: Gen:NN.ZexaF.34182.Bq3@aGLnnMo
  • AVG: Win32:Trojan-gen
  • Panda: Trj/CI.A
  • CrowdStrike: win/malicious_confidence_70% (W)

How to remove Application.Razy.220967?

Application.Razy.220967 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.