Malware

What is “Lazy.260089 (B)”?

Malware Removal

The Lazy.260089 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Lazy.260089 (B) virus can do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Lazy.260089 (B)?



File Info:

name: 5ECF5C1E27785CB3590C.mlw
path: /opt/CAPEv2/storage/binaries/1349ee4ee5bf09ba6a3fe6b00f4e8c217390f23deb1b10344ab8b1a118bb167a
crc32: 50C4B6F7
md5: 5ecf5c1e27785cb3590c14f296cfa5ae
sha1: 489367d907cfbe5c79cddbf2a57aeade2ce963fe
sha256: 1349ee4ee5bf09ba6a3fe6b00f4e8c217390f23deb1b10344ab8b1a118bb167a
sha512: dadae1748aaa0a56163ba9da7cfccdc9a26ee42062ee7d2b29770ac28a0b1a847b3da7010d0a7225872c3eaf9c2e8db350ab4fbe6731470cc140c9c68703d036
ssdeep: 49152:1Hs/hH9cJs273hky8S97R+82bulcI1wXZTBz5ONNIo:1KG3hk6ZX1hNIo
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1DE859C07F6C542D8D0AAC1389746E133EA62BC591B35B6EF069192652F77EE0AF3D700
sha3_384: fadad9b2b413e62b73e6b681be6bab676c3e9ebd839a2a4c65abb8d40c7e6b6728dda11170fd55059c3b0e60352c04f7
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2021-08-11 22:26:42


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Edge
FileVersion: 92.0.902.73
InternalName: elevation_service_exe
LegalCopyright: Copyright Microsoft Corporation. All rights reserved.
OriginalFilename: elevation_service.exe
ProductName: Microsoft Edge
ProductVersion: 92.0.902.73
CompanyShortName: Microsoft
ProductShortName: Microsoft Edge
LastChange: cad199e39220991414cd71868a619fff614880c7
Official Build: 1
Translation: 0x0409 0x04b0

Lazy.260089 (B) also known as:

MicroWorld-eScanGen:Variant.Lazy.260089
FireEyeGen:Variant.Lazy.260089
ALYacGen:Variant.Lazy.260089
VIPREGen:Variant.Lazy.260089
K7AntiVirusTrojan ( 0059aa0b1 )
K7GWTrojan ( 0059aa0b1 )
CyrenW64/Ipamor.A
SymantecML.Attribute.HighConfidence
ESET-NOD32Win64/Filecoder.GG
CynetMalicious (score: 100)
KasperskyVHO:Trojan-Ransom.Win32.Blocker.gen
BitDefenderGen:Variant.Lazy.260089
Ad-AwareGen:Variant.Lazy.260089
EmsisoftGen:Variant.Lazy.260089 (B)
DrWebWin32.HLLP.Azov.2
TrendMicroRansom.Win64.AZVO.SMYXCJ5
GDataGen:Variant.Lazy.260089
JiangminTrojan.Blocker.urx
Antiy-AVLGrayWare/Win32.Filecoder.gg
ArcabitTrojan.Lazy.D3F7F9
ZoneAlarmVHO:Trojan-Ransom.Win32.Blocker.gen
MicrosoftTrojan:Win32/Wacatac.B!ml
GoogleDetected
AhnLab-V3Trojan/Win.Generic.R533485
MAXmalware (ai score=87)
MalwarebytesMalware.AI.1053266483
RisingRansom.Agent!8.6B7 (TFE:2:U9tOTBNOHOO)
IkarusWorm.MSIL.Agent
FortinetW64/Filecoder.GG!tr

How to remove Lazy.260089 (B)?

Lazy.260089 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment