Lazy.160613 removal guide

Lazy.160613 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.160613 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Lazy.160613?

File Info:

name: F73C3CC06ED0914C1FC1.mlw
path: /opt/CAPEv2/storage/binaries/1d342177764ba027049981f773220f7c49ccde8138e075031bbc2b639d3d0eeb
crc32: 93C9F591
md5: f73c3cc06ed0914c1fc117904d887a88
sha1: ffd347f9978a1f30f9cb2a96a0cfaedf0c5bddd9
sha256: 1d342177764ba027049981f773220f7c49ccde8138e075031bbc2b639d3d0eeb
sha512: 44a3f418e95873326dd2fb6226e9d332dba20d0223879444a425dc948592dbd24fe7504cc54f48751ba798d8ba32c1edf90516d77da2d9f55476391dc048852e
ssdeep: 12288:z+wB3/AWKHtdpIms9QU9L64niLfunoZ6UZ0rx+ZSNXd:zV3/0W99L64niLfunI6UZExf
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T19294AE1AF3A414F8E5AB8138C957CD1AE7B17C964770C6AF32A482563F336614D2FB21
sha3_384: f725196b9e2a4f08bfc3ce3409ac5fb31bd0ac5ea7ac381c2760105d1f943a869bfb5d131b7db5bde55410083b9bd60c
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2018-05-08 22:49:57

Version Info:

CompanyName: Google Inc.
FileDescription: Google Crash Handler
FileVersion: 1.3.33.17
InternalName: Google Update
LegalCopyright: Copyright 2007-2010 Google Inc.
OriginalFilename: GoogleUpdate.exe
ProductName: Google Update
ProductVersion: 1.3.33.17
Translation: 0x0409 0x04b0

Lazy.160613 also known as:

Lionic: Trojan.Win32.Lazy.4!c
MicroWorld-eScan: Gen:Variant.Lazy.160613
FireEye: Gen:Variant.Lazy.160613
McAfee: Artemis!F73C3CC06ED0
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (W)
Symantec: Trojan.Gen.2
ESET-NOD32: Win64/Filecoder.GG
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002H09JV22
Kaspersky: Trojan-Ransom.Win32.Blocker.ywte
BitDefender: Gen:Variant.Lazy.160613
Avast: Win64:Trojan-gen
Tencent: Win32.Trojan.Blocker.Ymhl
Ad-Aware: Gen:Variant.Lazy.160613
Emsisoft: Gen:Variant.Lazy.160613 (B)
VIPRE: Gen:Variant.Lazy.160613
McAfee-GW-Edition: BehavesLike.Win64.NetLoader.gh
Sophos: Generic ML PUA (PUA)
GData: Gen:Variant.Lazy.160613
Google: Detected
Avira: TR/FileCoder.feief
MAX: malware (ai score=86)
Arcabit: Trojan.Lazy.D27365
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R532502
ALYac: Gen:Variant.Lazy.160613
Rising: Ransom.Agent!8.6B7 (CLOUD)
Ikarus: Trojan-Ransom.FileCrypter
Fortinet: W64/Filecoder.GG!tr
AVG: Win64:Trojan-gen

How to remove Lazy.160613?

Lazy.160613 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
