What is “Lazy.172436”?

The Lazy.172436 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.172436 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Lazy.172436?


File Info:
name: EAE9AF669C3E925DF2B6.mlw
path: /opt/CAPEv2/storage/binaries/bf0812aacf13ed1994be016b327062d3a9da81fdf66ed11599df99e32481c991
crc32: A149E634
md5: eae9af669c3e925df2b614b3c0ee4144
sha1: 893e2ac78f2f1f84fa97ce72871aaeca9f8c1cf3
sha256: bf0812aacf13ed1994be016b327062d3a9da81fdf66ed11599df99e32481c991
sha512: 081cd9b007e45e74b3efc7785d52df6899ba11ea734d7685fa3af8597f5157d483234c876baba8571be3d1e34386b529d046613052ade81b03108b907d98029c
ssdeep: 6144:2FrfmIrOfwDq3aC3ceJ11nM7FO8JFDhd1iY/zMQi5YUVtZgTcz7w7x8yg2755DN:2FifyEl1M3JF8Y7eYUVtZgTcz7w7x8y9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11A649D9C765076DFC85BC8768AA82C78EA5174BB431FC603906716EDEA0C99BCF150F2
sha3_384: 60e309cee66378bd9c5a8c0d3de25dd41d0fe8431776f8a2ed44916b87e808d5b0eef39ca8d7c24586c2ef6b85ced354
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-04-23 09:53:27

Version Info:
0: [No Data]

Lazy.172436 also known as:

Bkav	W32.AIDetectNet.01
McAfee	Artemis!EAE9AF669C3E
Sangfor	Suspicious.Win32.Save.a
BitDefender	Gen:Variant.Lazy.172436
Cybereason	malicious.78f2f1
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/GenKryptik.FTOP
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-Dropper.MSIL.Injector.gen
MicroWorld-eScan	Gen:Variant.Lazy.172436
Rising	Malware.Obfus/MSIL@AI.90 (RDM.MSIL:okkHi/GTPpag/u6I00sbvw)
Ad-Aware	Gen:Variant.Lazy.172436
Sophos	Generic ML PUA (PUA)
F-Secure	Trojan.TR/Dropper.Gen
McAfee-GW-Edition	BehavesLike.Win32.Trojan.fc
FireEye	Generic.mg.eae9af669c3e925d
Emsisoft	Gen:Variant.Lazy.172436 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Lazy.172436
Avira	TR/Dropper.Gen
Arcabit	Trojan.Lazy.D2A194
ZoneAlarm	HEUR:Trojan-Dropper.MSIL.Injector.gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Acronis	suspicious
VBA32	CIL.StupidPInvoker-1.Heur
ALYac	Gen:Variant.Lazy.172436
MAX	malware (ai score=80)
Cylance	Unsafe
BitDefenderTheta	Gen:NN.ZemsilF.34606.tiW@aqmO0Mk
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Lazy.172436?

Lazy.172436 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X