Lazy.10232 (file analysis)

The Lazy.10232 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.10232 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Lazy.10232?


File Info:
name: 187D182A2B6D9D593C5D.mlw
path: /opt/CAPEv2/storage/binaries/9a58400e15285b0daeba1ea454d6b2785f6ce96cd04c362ff9992ab7c56d164e
crc32: 8AF0F3DC
md5: 187d182a2b6d9d593c5d8ef45be3e058
sha1: 53491325b9447ab2236b44043c55a3259c22e5b6
sha256: 9a58400e15285b0daeba1ea454d6b2785f6ce96cd04c362ff9992ab7c56d164e
sha512: 7fbaff8e74363ece69f8bed75d0205ddf178551ffd3a2ab5b38badc3b1f048d0abb827479f2430d2a672e418080fe361f32de69b7f8ca25feeebbcfb49608e3f
ssdeep: 768:J8TA1qAAP3OZ9D7kxFbvc+ETyYqsE0j2xYuwOu08/:MfOZ9vMVvc/PqsE0j2quwO2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1142319D93BE69EBBC594D7386052038923B1C1A97A53E7037D98113D9C42BEFBC119A3
sha3_384: 2bff3ab638920b16cf743b9cd3b47f5b73fcd1375a695abdc9e3ee9f5d4684d129f7622279ed2c860c674756bbb37e71
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-09-30 21:48:26

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: test.exe
LegalCopyright:  
OriginalFilename: test.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Lazy.10232 also known as:

Bkav	W32.AIDetectNet.01
Cynet	Malicious (score: 100)
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.a2b6d9
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/ClipBanker.SX
APEX	Malicious
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Lazy.10232
MicroWorld-eScan	Gen:Variant.Lazy.10232
Rising	Trojan.Generic/MSIL@AI.98 (RDM.MSIL:RL5bsD0+OuBrY24m1aTCjw)
Ad-Aware	Gen:Variant.Lazy.10232
Emsisoft	Gen:Variant.Lazy.10232 (B)
VIPRE	Gen:Variant.Lazy.10232
McAfee-GW-Edition	BehavesLike.Win32.Trojan.pm
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.187d182a2b6d9d59
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.MSIL.TrojanClicker
GData	Gen:Variant.Lazy.10232
Avira	HEUR/AGEN.1222106
MAX	malware (ai score=88)
Arcabit	Trojan.Lazy.D27F8
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
AhnLab-V3	Trojan/Win32.Bladabindi.C2498852
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZemsilF.34698.cm0@aSW3VPp
ALYac	Gen:Variant.Lazy.10232
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
CrowdStrike	win/malicious_confidence_60% (D)

How to remove Lazy.10232?

Lazy.10232 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X