How to remove “Lazy.163761 (B)”?

The Lazy.163761 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.163761 (B) virus can do?

Sample contains Overlay data
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Lazy.163761 (B)?


File Info:
name: 5E9E5C3DDD94C20EBD7C.mlw
path: /opt/CAPEv2/storage/binaries/d38014e96cea0839d0d30f9a12801924ca02c7e3126e6e8e5d3c2f6baf67e884
crc32: 0D04A56E
md5: 5e9e5c3ddd94c20ebd7c3907e9b07195
sha1: 0a002100a788d3c7f314224c3076ba16ca11056c
sha256: d38014e96cea0839d0d30f9a12801924ca02c7e3126e6e8e5d3c2f6baf67e884
sha512: ebce0fa2e68bd71bf252342ba1e211571cea995ed3c67ae0093c6ceeb2411a9f4bcbd28e9e991dabaf666809746d8779290793dfa0ec22010ea1d24409ddecad
ssdeep: 393216:6bFb3bPk5HPhJCFMg25Bo1avPF8JYGlgsjI:yJWhBoAew
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T193D6BF11F5C284B1DFE34178A2A2F35FA725FC8281209DAAF95C3685AF335915D2F21E
sha3_384: afca040445ff36dcf7a4387fa1b0941ef37749829e857e4c11706d1add055435c90a208d634670c0ab85009bc57a645a
ep_bytes: ff250020400000000000000000000000
timestamp: 2007-10-24 03:31:10

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Microsoft .NET Assembly Registration Utility
FileVersion: 2.0.50727.1433 (REDBITS.050727-1400)
InternalName: RegAsm.exe
LegalCopyright: © Microsoft Corporation.  All rights reserved.
OriginalFilename: RegAsm.exe
ProductName: Microsoft® .NET Framework
ProductVersion: 2.0.50727.1433
Comments: Flavor=Retail
Translation: 0x0409 0x04b0

Lazy.163761 (B) also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.163761
ClamAV	Win.Malware.Generic-9839999-0
FireEye	Gen:Variant.Lazy.163761
CAT-QuickHeal	Trojan.AgenFC.S20327787
ALYac	Gen:Variant.Lazy.163761
Cylance	Unsafe
Zillya	Dropper.Agent.Win32.510507
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.ddd94c
Cyren	W32/MSIL_Kryptik.CZ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FIF
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Lazy.163761
NANO-Antivirus	Trojan.Win32.Memery.bybqne
Avast	Win32:DropperX-gen [Drp]
Ad-Aware	Gen:Variant.Lazy.163761
Emsisoft	Gen:Variant.Lazy.163761 (B)
DrWeb	Win32.Siggen.16
VIPRE	Gen:Variant.Lazy.163761
McAfee-GW-Edition	BehavesLike.Win32.Virut.rc
SentinelOne	Static AI – Malicious PE
GData	MSIL.Trojan.PSE.1AJ2WXA
Avira	HEUR/AGEN.1247639
Arcabit	Trojan.Lazy.D27FB1
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
Google	Detected
Acronis	suspicious
McAfee	Artemis!5E9E5C3DDD94
MAX	malware (ai score=85)
VBA32	Virus.Loch.271107
Malwarebytes	Lamer.Virus.FileInfector.DDS
Yandex	Trojan.Agent!AXRJ9YG7c6c
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.121218.susgen
BitDefenderTheta	AI:FileInfector.37DCC0A10D
AVG	Win32:DropperX-gen [Drp]
Panda	Trj/CI.A

How to remove Lazy.163761 (B)?

Lazy.163761 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X