Kazy.141654 (B) information

Kazy.141654 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Kazy.141654 (B) virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup

How to identify Kazy.141654 (B)?


File Info:

crc32: 8C5903CB
md5: 66655dbcb77ac185eca611962ce41ba9
name: ih25k4dvogyr.jpg
sha1: 5bcc37cd251d6f19d15d89ba6365d064a2a211c4
sha256: 11b142aa0208b6bb51db48547d4fdade31dc00de544ec0c580f6044c6c1b089a
sha512: 11a7a30d72f1030844e668488df07d8035f9ebe5a99d9465296f63f8d2d1c22dfb895735204001dbfa02d67b6796db392fdeed1966885e1d0c44dfa56046c619
ssdeep: 1536:zzmkd/cFws8lfr9vubMXcwFtRWuJ6VUwLRVRueLlK+gMAchlpqOPjyD46eU2non:GIwcfJu8cwb0TPRueLU/apM
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: server2.jpg
FileVersion: 0.0.0.0
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: server2.jpg

Kazy.141654 (B) also known as:

MicroWorld-eScan: Gen:Variant.Kazy.141654
FireEye: Generic.mg.66655dbcb77ac185
CAT-QuickHeal: Backdoor.Bladabindi.AJ3
McAfee: Trojan-FJWT!66655DBCB77A
Cylance: Unsafe
K7AntiVirus: Trojan ( 0051c2441 )
BitDefender: Gen:Variant.Kazy.141654
K7GW: Trojan ( 0051c2441 )
Cybereason: malicious.cb77ac
Invincea: heuristic
Baidu: MSIL.Trojan-Dropper.Binder.a
F-Prot: W32/MSIL_Bladabindi.AS.gen!Eldorado
Symantec: Backdoor.Ratenjay
APEX: Malicious
Avast: MSIL:Agent-DRD [Trj]
ClamAV: Win.Trojan.B-468
GData: MSIL.Backdoor.Bladabindi.AV
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Agent.dzsrep
AegisLab: Trojan.Win32.Generic.lExa
Rising: Backdoor.MSIL.Bladabindi!1.9E49 (CLASSIC)
Endgame: malicious (high confidence)
Sophos: Troj/DotNet-P
Comodo: TrojWare.MSIL.Bladabindi.BGS@7lngf6
F-Secure: Backdoor.BDS/Bladabindi.alif
DrWeb: Trojan.DownLoader9.26652
TrendMicro: TROJ_BINDER.SMA
McAfee-GW-Edition: BehavesLike.Win32.Trojan.cm
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Kazy.141654 (B)
Ikarus: Trojan-Dropper.MSIL
Cyren: W32/MSIL_Bladabindi.AS.gen!Eldorado
Jiangmin: Trojan/Generic.bcpht
Avira: BDS/Bladabindi.alif
Microsoft: Backdoor:MSIL/Bladabindi.B
Arcabit: Trojan.Kazy.D22956
ZoneAlarm: HEUR:Trojan.MSIL.Tpyn.gen
VBA32: Trojan.MSIL.Disfa
ALYac: Gen:Variant.Kazy.141654
MAX: malware (ai score=94)
Ad-Aware: Gen:Variant.Kazy.141654
ESET-NOD32: a variant of MSIL/TrojanDropper.Binder.CA
TrendMicro-HouseCall: TROJ_BINDER.SMA
SentinelOne: DFI – Malicious PE
Fortinet: MSIL/Dropper_Binder.BS!tr
AVG: MSIL:Agent-DRD [Trj]
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: HEUR/QVM03.0.CF85.Malware.Gen

How to remove Kazy.141654 (B)?

Kazy.141654 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
