What is “Kazy.66558”?

Malware Removal

Kazy.66558 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Kazy.66558 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Creates a copy of itself
  • Collects information to fingerprint the system
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Kazy.66558?


File Info:

crc32: 026A6047
md5: be6a80505d31b0aab681921a87b20b30
name: BE6A80505D31B0AAB681921A87B20B30.mlw
sha1: c94b836b26060802e57e79ba99c2189fc5c8d284
sha256: 0b58c47cb1816cbaefc95beab5cd0cfcc3c785971099551bd24dd346f221e8d4
sha512: fdee9961be8eae6051db4eeb02ad1b7aaa182c897f7f2bdab25f6921eafa2674fb4a9833204295c9ffbf2c8df984d28e0dd8c93c374dd670985ce5ea9545b16d
ssdeep: 3072:9pl+f1uf8+zDC2aJDeEsXcXPBQA6S4Qy:If1ufHzsDeEssXPBQA6O
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 1.1.1.1
InternalName: audiohdw.exe
FileVersion: 1.1.1.1
CompanyName:
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 1.1.1.1
FileDescription:
OriginalFilename: audiohdw.exe

Kazy.66558 is also known as:

DrWeb                 Trojan.Siggen3.36469
Cynet                 Malicious (score: 99)
ALYac                 Gen:Variant.Kazy.66558
Cylance               Unsafe
Sangfor               PUP.Win32.Kazy.66558
CrowdStrike           win/malicious_confidence_70% (D)
Alibaba               Trojan:Win32/Starter.ali2000005
Symantec              ML.Attribute.HighConfidence
ESET-NOD32            a variant of MSIL/Arcdoor.BC
APEX                  Malicious
Avast                 Win32:Agent-ANRB [Trj]
Kaspersky             Trojan-Ransom.Win32.Blocker.cvhi
BitDefender           Gen:Variant.Kazy.66558
NANO-Antivirus        Trojan.Win32.Blocker.cygjjv
MicroWorld-eScan      Gen:Variant.Kazy.66558
Tencent               Win32.Trojan.Blocker.Piac
Ad-Aware              Gen:Variant.Kazy.66558
Sophos                Mal/Generic-S
Comodo                Malware@#toy9wpqugly7
F-Secure              Trojan.TR/Downloader.Gen
BitDefenderTheta      Gen:NN.ZemsilF.34670.gm0@aS7Z4De
VIPRE                 Trojan.Win32.Generic.pak!cobra
TrendMicro            TROJ_SPNR.11KL13
McAfee-GW-Edition     Artemis!Trojan
FireEye               Generic.mg.be6a80505d31b0aa
Emsisoft              Gen:Variant.Kazy.66558 (B)
SentinelOne           Static AI – Malicious PE
Webroot               W32.Backdoor.Charon
Avira                 TR/Downloader.Gen
Antiy-AVL             Trojan[Ransom]/Win32.Blocker
Kingsoft              Win32.Troj.Agent.an.(kcloud)
Microsoft             Trojan:Win32/Wacatac.B!ml
Arcabit               Trojan.Kazy.D103FE
AegisLab              Trojan.Win32.Blocker.j!c
ZoneAlarm             Trojan-Ransom.Win32.Blocker.cvhi
GData                 Gen:Variant.Kazy.66558
McAfee                Artemis!BE6A80505D31
MAX                   malware (ai score=100)
Malwarebytes          Generic.Malware/Suspicious
Panda                 Generic Malware
TrendMicro-HouseCall  TROJ_SPNR.11KL13
Rising                Ransom.Blocker!8.12A (CLOUD)
Yandex                Trojan.Blocker!ALOH4KeYYps
Ikarus                Trojan-Ransom.Blocker
Fortinet              W32/Blocker.AJ!tr
AVG                   Win32:Agent-ANRB [Trj]
Paloalto              generic.ml
Qihoo-360             Win32/Ransom.Blocker.HgAASRQA

How to remove Kazy.66558?

Kazy.66558 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
