
Lazy.227536 (B) removal tips


Lazy.227536 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Lazy.227536 (B) virus do?

  • Sample contains overlay data
  • YARA rule detections observed from a process memory dump, dropped files or CAPE
  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Detects Bochs through the presence of a registry key
  • Checks the BIOS version, possibly for anti-virtualization
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Lazy.227536 (B)?

File Info:

name: 5A3FA0E73D1B748C61C2.mlw
path: /opt/CAPEv2/storage/binaries/927e61b57c124701f9d22abbc72f34ebe71bf1cd717719f8fc6008406033b3e9
crc32: FCA755D5
md5: 5a3fa0e73d1b748c61c21d63e0326bb9
sha1: 8f6e829f025788fae8c0fde325a6a13769ab19d4
sha256: 927e61b57c124701f9d22abbc72f34ebe71bf1cd717719f8fc6008406033b3e9
sha512: b2231032bc714ecc4c3d3ddc92ec47ef5e794079f3f8af43bb40fe164a1a9b0a3977307b539ff1203738055ef11f7690dacb664c4682bd5783efcd7628c5cd2b
ssdeep: 24576:ePsAr4nqt+LADkp3N0vv6xKoPtzfjh3cIyWCFxNNqPGo2xX8PaZZCAYdbbu/h48M:eUY4nqt+ED03iv6MoPtfj1fyjLuGzxo1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17B6523814C5AA5B8E8422F700F1EF4E018963C663F6674DC1E81FBE61F7DED68692643
sha3_384: 21422f9f94143245edd23fbe87f7a315c6a3d9c02863615c26c190f85342a44c18dbf0319985bc2c965c2cf33480940b
ep_bytes: 60be00f042008dbe0020fdffc7870c9d
timestamp: 2018-04-15 11:29:29

Version Info:

CompanyName: Mozilla Corporation
FileDescription: Kingsoft Install Tool
FileVersion: 2.1.4.4
InternalName: Kingsoft Install Tool
LegalCopyright: Copyright (C) 2017 Mozilla Corporation All rights reserved.
OriginalFilename: Kingsoft Install Tool
ProductName: Kingsoft Install Tool
ProductVersion: 2.1.4.4
Translation: 0x0409 0x04b0

Lazy.227536 (B) also known as:

Lionic: Heuristic.File.Generic.00×1!p
MicroWorld-eScan: Gen:Variant.Lazy.227536
ClamAV: Win.Malware.Bugor-9836077-0
FireEye: Generic.mg.5a3fa0e73d1b748c
CAT-QuickHeal: Trojan.MauvaiseRI.S5254986
ALYac: Trojan.PWS.Agent
Malwarebytes: Malware.AI.3424695638
VIPRE: Gen:Variant.Lazy.227536
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanSpy:Win32/JbossMiner.62958495
K7GW: Spyware ( 0052de311 )
K7AntiVirus: Trojan ( 0053012d1 )
Cyren: W32/S-cd5538cc!Eldorado
Symantec: Infostealer
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Spy.Agent.PKE
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: UDS:Trojan.Win32.Swrort.a
BitDefender: Gen:Variant.Lazy.227536
NANO-Antivirus: Trojan.Win32.Razy.fakffy
Avast: Win32:JbossMiner-B [Trj]
Tencent: Win32.Trojan.FalseSign.Ckjl
Ad-Aware: Gen:Variant.Lazy.227536
Emsisoft: Gen:Variant.Lazy.227536 (B)
Comodo: Malware@#2zzgst74ja0p9
Zillya: Trojan.Agent.Win32.895814
McAfee-GW-Edition: GenericRXET-CX!9160A7C50ACF
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Spy.Agent
GData: Gen:Variant.Lazy.227536
Jiangmin: Trojan.Swrort.hh
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1201296
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Arcabit: Trojan.Lazy.D378D0
ViRobot: Trojan.Win32.Z.Razy.1491048
Microsoft: Trojan:Win32/Occamy.C92
Google: Detected
AhnLab-V3: Trojan/Win32.Swrort.R225814
McAfee: Artemis!5A3FA0E73D1B
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Downloader
Cylance: Unsafe
Rising: Trojan.Occamy!8.F1CD (TFE:5:H4u7ZunJh4H)
Yandex: Trojan.GenAsa!125NX1n0GRw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Agent.PKE!tr
BitDefenderTheta: Gen:NN.ZexaF.34646.BnLfa0ICudnj
AVG: Win32:JbossMiner-B [Trj]
Cybereason: malicious.73d1b7
Panda: Trj/Genetic.gen

How to remove Lazy.227536 (B)?

Lazy.227536 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
