About “Lazy.107211 (B)” infection

The Lazy.107211 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.107211 (B) virus can do?

Dynamic (imported) function loading detected
.NET file is packed/obfuscated with Confuser
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Lazy.107211 (B)?


File Info:
name: 55C46A211512BE7F1798.mlw
path: /opt/CAPEv2/storage/binaries/89bd48742e2d8a2b896eb1cf02730c2c052654077fb01729b6aa9b6dd4852f2f
crc32: FA0C465E
md5: 55c46a211512be7f1798ff897087ed17
sha1: 26071674ba4ae47ea55041e7312bdbc72215148d
sha256: 89bd48742e2d8a2b896eb1cf02730c2c052654077fb01729b6aa9b6dd4852f2f
sha512: b4faf3c515c297f2fd5f126f54b16b67f5cba86320b6c54aeaeb103d6af9f50ea2aa5d77ac32534f5d26460bac58faa4e782a58ea8df7312a683013beb4c5ffa
ssdeep: 3072:7CfAvt3ftf6Uwc0h9M2Xp5pJ/X2vQO9vsrCLO2:eovtkBcm5zRrCi
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12EC3E144BD5C5826E7190ABCA65FCA4ED6F65E201A06D78BF84CB29D4F323E5100673F
sha3_384: 458ee540750b20d5766f1ae9968aaf4c1d659f7cc094fbad0c48148468edfb39d03494e7758689716d18a146f0b6f607
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-01 20:41:13

Version Info:
Translation: 0x0000 0x04b0
Comments: Neton
CompanyName: Neton
FileDescription: Neton
FileVersion: 1.0.0.0
InternalName: Neton.exe
LegalCopyright: Neton
LegalTrademarks: Neton
OriginalFilename: Neton.exe
ProductName: Neton
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Lazy.107211 (B) also known as:

Lionic	Trojan.Win32.Banload.a!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.107211
FireEye	Generic.mg.55c46a211512be7f
McAfee	RDN/Generic.dx
Cylance	Unsafe
Sangfor	Trojan.Win32.Banload.aboun
K7AntiVirus	Hacktool ( 0058e06f1 )
Alibaba	TrojanDownloader:Win32/Banload.cdf2e00a
K7GW	Hacktool ( 0058e06f1 )
Cybereason	malicious.4ba4ae
Cyren	W32/MSIL_Kryptik.CRK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/HackTool.Agent.RJ
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan-Downloader.Win32.Banload.aboun
BitDefender	Gen:Variant.Lazy.107211
Avast	FileRepMalware
Tencent	Win32.Trojan-downloader.Banload.Sxeq
Ad-Aware	Gen:Variant.Lazy.107211
Emsisoft	Gen:Variant.Lazy.107211 (B)
TrendMicro	TROJ_GEN.R002C0PB822
McAfee-GW-Edition	RDN/Generic.dx
Sophos	Mal/Generic-S
GData	Gen:Variant.Lazy.107211
eGambit	Unsafe.AI_Score_99%
Avira	TR/Hacktool.hcfxn
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Lazy.D1A2CB
ZoneAlarm	Trojan-Downloader.Win32.Banload.aboun
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win.Malware-gen.C4928092
BitDefenderTheta	Gen:NN.ZemsilF.34212.hm0@aeRERS
ALYac	Gen:Variant.Lazy.107211
MAX	malware (ai score=85)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Malware.AI.906049620
TrendMicro-HouseCall	TROJ_GEN.R002C0PB822
Rising	Malware.Obfus/MSIL@AI.100 (RDM.MSIL:e0pwoAgtMIhD0TJoNUY+Hw)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.RJ!tr
AVG	FileRepMalware
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Lazy.107211 (B)?

Lazy.107211 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X