
Lazy.260089 information


Lazy.260089 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.260089 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Lazy.260089?


File Info:

name: D4FF24129EAD9421D016.mlw
path: /opt/CAPEv2/storage/binaries/0c98ae212ce767273591efd8ffedcb4cfa4a8586a53f4dc099685aa7c1ea0470
crc32: 8DD88FF4
md5: d4ff24129ead9421d016d0fe1287098b
sha1: 03ae26478c3fa348fcfa15514293fba5bf378ba3
sha256: 0c98ae212ce767273591efd8ffedcb4cfa4a8586a53f4dc099685aa7c1ea0470
sha512: 8f3e8c9e44a9ac292988b093ed40e15c3540b2d0004fdb8d2eeefbcc98f80bc97eb52c704b5006a008c92c7c91884373996939e6c040340b1f4131dab5030f6d
ssdeep: 49152:JwBF75mZ0w1z7OEXA5MPA+2bulcI1wXZTBz5AgOsL:JTz7OUDX1YOsL
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T147859C07F6C542D8D0AAC1389746F133EA62BC591B35B6EF069192592E77EE0AF3D700
sha3_384: dca8d8b31b33f073a4fb60b0d018016359b01170c0e93f9f4e40f44ae5482906d95d97b7246337b8de9635502f57e7c2
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2021-08-11 22:26:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Edge
FileVersion: 92.0.902.73
InternalName: elevation_service_exe
LegalCopyright: Copyright Microsoft Corporation. All rights reserved.
OriginalFilename: elevation_service.exe
ProductName: Microsoft Edge
ProductVersion: 92.0.902.73
CompanyShortName: Microsoft
ProductShortName: Microsoft Edge
LastChange: cad199e39220991414cd71868a619fff614880c7
Official Build: 1
Translation: 0x0409 0x04b0

Lazy.260089 also known as:

Lionic: Trojan.Win32.Crypmodng.tsaK
MicroWorld-eScan: Gen:Variant.Lazy.260089
McAfee: Artemis!D4FF24129EAD
Cylance: Unsafe
VIPRE: Gen:Variant.Lazy.260089
K7AntiVirus: Trojan ( 0059a88d1 )
Alibaba: Trojan:Win64/Filecoder.295e73b2
K7GW: Trojan ( 0059a88d1 )
Cyren: W64/Ipamor.A
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win64/Filecoder.GG
Cynet: Malicious (score: 100)
Kaspersky: VHO:Trojan-Ransom.Win32.Convagent.gen
BitDefender: Gen:Variant.Lazy.260089
Avast: Win64:Trojan-gen
Tencent: Win32.Trojan.Filecoder.Bdhl
Ad-Aware: Gen:Variant.Lazy.260089
Sophos: Mal/Generic-S
DrWeb: Win32.HLLP.Azov.2
McAfee-GW-Edition: Artemis!Trojan
FireEye: Gen:Variant.Lazy.260089
Emsisoft: Gen:Variant.Lazy.260089 (B)
GData: Gen:Variant.Lazy.260089
Jiangmin: Trojan.Blocker.urx
Webroot: W32.Ransom.Gen
Avira: TR/FileCoder.hwvay
Antiy-AVL: Trojan/Generic.ASBOL.C73A
Arcabit: Trojan.Lazy.D3F7F9
ZoneAlarm: VHO:Trojan-Ransom.Win32.Convagent.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R533485
ALYac: Gen:Variant.Lazy.260089
MAX: malware (ai score=84)
Malwarebytes: Malware.AI.1053266483
Rising: Ransom.Agent!8.6B7 (TFE:2:U9tOTBNOHOO)
Ikarus: Worm.MSIL.Agent
Fortinet: W64/Filecoder.GG!tr
AVG: Win64:Trojan-gen
Panda: Trj/RansomGen.A
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Lazy.260089?

Lazy.260089 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
