Lazy.114605 (file analysis)

The Lazy.114605 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.114605 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Lazy.114605?


File Info:
name: B78A25BF1F3119C66C4B.mlw
path: /opt/CAPEv2/storage/binaries/7f6afa71ad2bcb228e7449e691142fbe483da3db3783eda7ec0d7edab0c16958
crc32: 61FF5DE8
md5: b78a25bf1f3119c66c4b9c7f945c2237
sha1: f7b9cb43ecad9077bbe45a579d45210fe4ca27ae
sha256: 7f6afa71ad2bcb228e7449e691142fbe483da3db3783eda7ec0d7edab0c16958
sha512: fd259298e1de4d2fd94677f91311a5b7cafe401d5051b8019bfcc14033dd5d4eb3ba1ac2ed92de1d679093f0a2d93bc26c0d08a6d1b97a1a30b9f308fa74f6ca
ssdeep: 12288:7VofQh5I+Be/ig9PPAXm9uY+5ouL7dGjLTLtAxN9:af4o/iePJ9g5/LJKfL2xP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CAE49C407AA85B93D93A8BF815397CA037F1310B77D5F25A0DC652C52AB4F9E0E53A0B
sha3_384: 76a3c8bca8e1d0bfeda700a0d8c6f7483e037384604e62580dcdbb98eee571f3bccb98c723e17dae7a4d788ebe31e5f0
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-04 13:02:56

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: System Insights
FileDescription: VimanaPoi
FileVersion: 1.0.0.0
InternalName: SuppressMessageAttribu.exe
LegalCopyright: Copyright © System Insights Inc. 2011
LegalTrademarks: 
OriginalFilename: SuppressMessageAttribu.exe
ProductName: VimanaPoi
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Lazy.114605 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKDZ.83414
FireEye	Generic.mg.b78a25bf1f3119c6
ALYac	Gen:Variant.Lazy.114605
Cylance	Unsafe
K7GW	Trojan ( 0058dfc61 )
Cybereason	malicious.3ecad9
BitDefenderTheta	Gen:NN.ZemsilF.34182.Om0@aKSsCRd
Cyren	W32/MSIL_Kryptik.DBX.gen!Eldorado
Symantec	Scr.Malcode!gdn34
ESET-NOD32	a variant of MSIL/GenKryptik.FQMA
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Taskun.gen
BitDefender	Trojan.GenericKDZ.83414
Avast	Win32:BackdoorX-gen [Trj]
Emsisoft	Trojan.GenericKDZ.83414 (B)
McAfee-GW-Edition	BehavesLike.Win32.Generic.jc
Sophos	Mal/Generic-S
Ikarus	Win32.SuspectCrc
MaxSecure	Trojan.Malware.300983.susgen
Avira	TR/AD.GenSteal.edcvk
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Trojan.GenericKDZ.83414
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.BackdoorX-gen.C4954511
McAfee	Artemis!B78A25BF1F31
MAX	malware (ai score=86)
Malwarebytes	Trojan.Crypt.MSIL
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/GenKryptik.FQIM!tr
AVG	Win32:BackdoorX-gen [Trj]
Panda	Trj/GdSda.A

How to remove Lazy.114605?

Lazy.114605 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X