Lazy.225146 malicious file

Lazy.225146 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.225146 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify Lazy.225146?


File Info:

name: 76A5430A5AC36E7F41F8.mlw
path: /opt/CAPEv2/storage/binaries/9bc4382967cfd0efae3ddd0bfdd994dd8d349e44fc31b4793ce792ec319f2219
crc32: 49D961F8
md5: 76a5430a5ac36e7f41f84ec3edb08fff
sha1: e3fb82bd5421a93867e95ac36a02d09848b6b1ae
sha256: 9bc4382967cfd0efae3ddd0bfdd994dd8d349e44fc31b4793ce792ec319f2219
sha512: 7efd49cff9059b2a703afff00b7da3142bb36608239516ab770f406319b18152228db927600a32b3ac128193a9859a56fbf587a2472575d643a53141fdd2b3a7
ssdeep: 12288:zE/tTM+IsUbw7geGY8TPvoauHvA+UlHSstfO:zEVMPsUs7gxPvozvA+UxbV
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T16C94C02771B47D77DC42C4F16A209A222C6BB832A96F84F7FBC46E1D09E46D54718E83
sha3_384: 51701ca117833a2b3fbaa02df7c4a807130b2d304825632c21a5a7b3a5e09fc96ec0bebe47e2a58c6e80d1eaef32175e
ep_bytes: e8cf050000e974feffffc20000cccccc
timestamp: 2022-08-02 20:46:05

Version Info:

0: [No Data]

Lazy.225146 also known as:

Lionic: Trojan.Win32.Lazy.4!c
MicroWorld-eScan: Gen:Variant.Lazy.225146
ALYac: Gen:Variant.Lazy.225146
Cylance: Unsafe
VIPRE: Gen:Variant.Lazy.225146
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005967e41 )
Alibaba: Trojan:Win32/GenKryptik.172f2937
K7GW: Trojan ( 005967e41 )
Cybereason: malicious.a5ac36
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik_AGen.IN
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.Lazy.225146
Avast: Win32:PWSX-gen [Trj]
Rising: Trojan.Generic@AI.100 (RDML:Baek4ApGqXEw1EN40tgl9A)
Ad-Aware: Gen:Variant.Lazy.225146
F-Secure: Heuristic.HEUR/AGEN.1213152
McAfee-GW-Edition: BehavesLike.Win32.BadFile.gm
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.76a5430a5ac36e7f
Emsisoft: Gen:Variant.Lazy.225146 (B)
GData: Gen:Variant.Lazy.225146
Avira: HEUR/AGEN.1213152
Arcabit: Trojan.Lazy.D36F7A
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: Artemis!76A5430A5AC3
MAX: malware (ai score=89)
TrendMicro-HouseCall: TROJ_GEN.R002H09H322
Fortinet: W32/PossibleThreat
BitDefenderTheta: Gen:NN.ZexaF.34582.BuW@auZSVlo
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/Chgt.AD
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Lazy.225146?

Lazy.225146 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.