Lazy.213928 removal instruction

The Lazy.213928 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.213928 virus can do?

Dynamic (imported) function loading detected
.NET file is packed/obfuscated with Confuser
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Lazy.213928?


File Info:
name: 83ABD5211B265013E2F3.mlw
path: /opt/CAPEv2/storage/binaries/f2a365383078f414c87d16a35e6bd55c81786e885cb21e81f5bb7b81c3283b14
crc32: EF8693D8
md5: 83abd5211b265013e2f3ca0d12f566d5
sha1: 0aa29958fe193b3af6b64dcf883ad23d8f3c5559
sha256: f2a365383078f414c87d16a35e6bd55c81786e885cb21e81f5bb7b81c3283b14
sha512: e9d2ff4597cc8689e385bcb7c9363fc3420a5140c4fd1fc2b30f2a347f07208036b93c69f2286f67b5e2db5591f0101a5a989d7ebe29decc8b96e526910ea9a0
ssdeep: 1536:eCptQBcnSew957IoT3pV9riMs8Ectf4svKAdGuZrd96ch6UBvn6tRR+N8RcagKo:eCpgcSewzIotzYVcx3vjdHZJ56BcW2
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T19AB3028AFC6C625FF64653BD00F587084779EE2A7805E3DB7C10B2A46D01B929D1B6E3
sha3_384: 0f95547e3f5249194a0fd692f9440d4eae197697fcb57f4db397f430964803b9d50ae91bf7a9572d5da4d03c7b97adac
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-07-20 02:45:30

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: output.exe
LegalCopyright:  
OriginalFilename: output.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Lazy.213928 also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.83abd5211b265013
Malwarebytes	Trojan.Crypt.MSIL
VIPRE	Gen:Variant.Lazy.213928
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (D)
Cyren	W32/MSIL_Kryptik.CRK.gen!Eldorado
ESET-NOD32	a variant of MSIL/Kryptik.SAC
APEX	Malicious
Kaspersky	HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender	Gen:Variant.Lazy.213928
MicroWorld-eScan	Gen:Variant.Lazy.213928
Avast	MSIL:GenMalicious-BIU [Trj]
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:dzDdS1wZwkpcAkhPo3CGGg)
Ad-Aware	Gen:Variant.Lazy.213928
Emsisoft	Gen:Variant.Lazy.213928 (B)
F-Secure	Trojan.TR/Dropper.Gen
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.MSIL.TrojanClicker
GData	Gen:Variant.Lazy.213928
Avira	TR/Dropper.Gen
MAX	malware (ai score=83)
Arcabit	Trojan.Lazy.D343A8
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Trojan/Win.Generic.C4553311
Acronis	suspicious
ALYac	Gen:Variant.Lazy.213928
Cylance	Unsafe
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.34806.gm0@aOMlzh
AVG	MSIL:GenMalicious-BIU [Trj]
Cybereason	malicious.11b265

How to remove Lazy.213928?

Lazy.213928 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X