Lazy.146504 malicious file

Lazy.146504 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Lazy.146504 virus do?

  • Sample contains Overlay data
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Lazy.146504?


File Info:

name: AD2DEB3BEF9416737183.mlw
path: /opt/CAPEv2/storage/binaries/05717c84f5db7a703dd8481f38454c4bc984ad5173fa8153ea15abdcbea89365
crc32: A0642C70
md5: ad2deb3bef94167371839c075af59148
sha1: 4a3d9c64337889a88bc96703872e331918da7c07
sha256: 05717c84f5db7a703dd8481f38454c4bc984ad5173fa8153ea15abdcbea89365
sha512: 7f3b74e3d82f2269248489d9dedfdc9f61695e4a749276e9ef534907f668d3516b28cf3d816c4053ebe423bf1d1a060f55198c5c5e50d659f1f8ed1633c1aa38
ssdeep: 196608:DZzUPMIH8zUPMIHE8tGj8tGj8tGj8tGczUPMIH8zUPMIHU:DZQPxcQPxkdjdjdjdcQPxcQPx0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10CB61290965365B4E87FEB7B10BF9823957DB3730F02663132B0454EB12CDADB26A631
sha3_384: 2e11940fdca3e9df5536f8f33220c8a3595e247a17f39503f3b2de90cc63f37c418e7db4f416737fa55ae69965fa3626
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-12-06 16:45:28

Version Info:

Translation: 0x0000 0x04b0
CompanyName: Microsoft
FileDescription: WindowsFormsApplication1
FileVersion: 1.0.0.0
InternalName: WindowsFormsApplication1.exe
LegalCopyright: Copyright © Microsoft 2020
OriginalFilename: WindowsFormsApplication1.exe
ProductName: WindowsFormsApplication1
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Lazy.146504 also known as:

Elastic: malicious (high confidence)
DrWeb: BackDoor.Bladabindi.16104
MicroWorld-eScan: Gen:Variant.Lazy.146504
FireEye: Generic.mg.ad2deb3bef941673
ALYac: Gen:Variant.Lazy.146504
Cylance: Unsafe
VIPRE: Gen:Variant.Lazy.146504
Sangfor: Trojan.MSIL.Agent.HDJ
K7AntiVirus: Trojan-Downloader ( 00574ae41 )
Alibaba: Backdoor:MSIL/Bladabindi.51506f52
K7GW: Trojan-Downloader ( 00574ae41 )
Cybereason: malicious.bef941
BitDefenderTheta: Gen:NN.ZemsilF.34806.@p3@a4bLAqp
Cyren: W32/Trojan.FTS.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.HDJ
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Backdoor.MSIL.Bladabindi.gen
BitDefender: Gen:Variant.Lazy.146504
Avast: Win32:KeyloggerX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10ce3dc9
Ad-Aware: Gen:Variant.Lazy.146504
Emsisoft: Gen:Variant.Lazy.146504 (B)
Zillya: Backdoor.Bladabindi.Win32.22454
TrendMicro: TROJ_GEN.R002C0DEP22
McAfee-GW-Edition: BehavesLike.Win32.Trojan.vc
Sophos: Mal/Generic-S
Ikarus: Backdoor.Bladabindi
Jiangmin: Backdoor.MSIL.dzsw
Avira: HEUR/AGEN.1236285
Antiy-AVL: Trojan/Generic.ASMalwS.3DAC
Microsoft: Trojan:Win32/Masson.A!rfn
GData: Gen:Variant.Lazy.146504
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win32.RL_Generic.C4264631
Acronis: suspicious
McAfee: GenericRXAA-FA!AD2DEB3BEF94
MAX: malware (ai score=85)
Malwarebytes: Backdoor.Bladabindi
TrendMicro-HouseCall: TROJ_GEN.R002C0DEP22
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:vmq0O6PMoo9DCNEtU7ozrg)
Yandex: Backdoor.Bladabindi!xWaf7G6rKQA
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Agent.B5A9!tr
AVG: Win32:KeyloggerX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Lazy.146504?

Lazy.146504 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
