Lazy.20533 (file analysis)

The Lazy.20533 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.20533 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Lazy.20533?


File Info:
name: 4A3C3AB29FC387E103AE.mlw
path: /opt/CAPEv2/storage/binaries/79c429401d72a2fde7885f6481b93280415da4d8cbab4ff3be3203f543813c6a
crc32: 2C1750D1
md5: 4a3c3ab29fc387e103ae4eb2eb517f09
sha1: 1d92d38f79c151c69703cf97cf7dde0da2e9e434
sha256: 79c429401d72a2fde7885f6481b93280415da4d8cbab4ff3be3203f543813c6a
sha512: 7b3d67fb7833b48e0da55e66326dd23d2f9c3b9b6f16092a43053baa684de98f7b18479d055318deafa8254cd0204a6ee1debc672df41f7243f94eb4cd4aa890
ssdeep: 768:LXjewuTgrOSNGwL8d2/wRa46OBSByLopNwmELjJbbb6jbbbbbbbbbbbbbbUbbbb3:j6fgrNNGwL8d2/wRa4VSByLorwbsj9Ef
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B4F2F84837E4AB26E23EA77D143595400BF6B927E322FB5E6F8190DD057B740CA90B23
sha3_384: b62c1de229c2d84e39629899bd6d963e11402106e599c267a34bf1f91f4af0833736d9904451a984bfba7a403ac17ce3
ep_bytes: ff250020400000000000000000000000
timestamp: 2075-01-04 02:42:26

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: TipicoToolNEW
FileVersion: 1.0.0.0
InternalName: TipicoToolNEW.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: TipicoToolNEW.exe
ProductName: TipicoToolNEW
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Lazy.20533 also known as:

Lionic	Trojan.Win32.Lazy.4!c
Cynet	Malicious (score: 99)
CAT-QuickHeal	PUA.WacapewFC.S22017442
ALYac	Gen:Variant.Lazy.20533
Zillya	Downloader.Agent.Win32.457472
Sangfor	Trojan.MSIL.Agent.gen
Cybereason	malicious.f79c15
Cyren	W32/Trojan.MDYQ-5200
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002C0WLD21
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Downloader.MSIL.Agent.gen
BitDefender	Gen:Variant.Lazy.20533
MicroWorld-eScan	Gen:Variant.Lazy.20533
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Lazy.20533
Emsisoft	Gen:Variant.Lazy.20533 (B)
TrendMicro	TROJ_GEN.R002C0WLD21
McAfee-GW-Edition	RDN/Generic Downloader.x
FireEye	Generic.mg.4a3c3ab29fc387e1
Sophos	Generic PUA BN (PUA)
GData	Gen:Variant.Lazy.20533
Avira	HEUR/AGEN.1210175
MAX	malware (ai score=86)
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Lazy.D5035
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Trojan/Win.Generic.C4879434
McAfee	RDN/Generic Downloader.x
VBA32	TScope.Trojan.MSIL
Cylance	Unsafe
APEX	Malicious
SentinelOne	Static AI – Suspicious PE
Fortinet	Malicious_Behavior.SB
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A

How to remove Lazy.20533?

Lazy.20533 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X