Lazy.255820 removal guide

Lazy.255820 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.255820 virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Lazy.255820?


File Info:

name: C2C2FC9A265031CFEDBB.mlw
path: /opt/CAPEv2/storage/binaries/e6d65ec3976709ee6359e31573d50df09d138b29b4fb1921a7099058829185a5
crc32: B6D4842F
md5: c2c2fc9a265031cfedbb794fdb0fe302
sha1: 5421490671322fdb68ac63d2adfe6d65b1ab9fa9
sha256: e6d65ec3976709ee6359e31573d50df09d138b29b4fb1921a7099058829185a5
sha512: 3a98d05b2949d6fd9c24e7e1fbbcc21ebde184c3bdda8eda95e1b16fc79e6fee51c208ed3b2a4512d015e41b44e40a87e93747ae2f2d7182d005c53c9fea0edb
ssdeep: 3072:OBUU39jsftInV9crnvXZ0URfNKjLUjLMh:OBUs9NVCvXZMMG
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T138A3E04A778800E2C12203F4449696CAF677FE914F11D78F1265C20E2F777D5B9B6B2A
sha3_384: baf6cc6797daea903d8cd9894f181034752d54f6b0600c8dd93dc186ef54098dd48c32f25228d6e0bd7094461949d35b
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2019-10-20 05:44:53

Version Info:

CompanyName: Microsoft Corporation
FileVersion: 2.75.5649.201
LegalCopyright: Copyright (C) Microsoft Corporation. All rights reserved.
ProductName: Microsoft® Mashup Runtime
ProductVersion: 2.75.5649.201
LegalTrademarks: Microsoft® is a registered trademark of Microsoft Corporation.
Translation: 0x0409 0x04b0

Lazy.255820 also known as:

Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Lazy.255820
FireEye: Gen:Variant.Lazy.255820
Cylance: Unsafe
K7AntiVirus: Trojan ( 0059a88d1 )
K7GW: Trojan ( 0059a88d1 )
Cyren: W64/Ipamor.A
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win64/Filecoder.GG
Kaspersky: VHO:Trojan-Ransom.Win32.Blocker.gen
BitDefender: Gen:Variant.Lazy.255820
Avast: Win64:Trojan-gen
Ad-Aware: Gen:Variant.Lazy.255820
Emsisoft: Gen:Variant.Lazy.255820 (B)
VIPRE: Gen:Variant.Lazy.255820
GData: Gen:Variant.Lazy.255820
Jiangmin: Trojan.Blocker.urx
Google: Detected
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Generic.ASBOL.C73A
Arcabit: Trojan.Lazy.D3E74C
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.Generic.R533501
ALYac: Gen:Variant.Lazy.255820
Malwarebytes: Malware.AI.1053266483
Rising: Ransom.Agent!8.6B7 (TFE:2:U9tOTBNOHOO)
Ikarus: Trojan-Ransom.FileCrypter
Fortinet: W64/Filecoder.GG!tr
AVG: Win64:Trojan-gen
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Lazy.255820?

Lazy.255820 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
