How to remove “Lazy.317801”?

Lazy.317801 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.317801 virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Lazy.317801?


File Info:

name: 6F5ED934D8E346C26D31.mlw
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2016-10-13 05:34:13

Version Info:

0: [No Data]

Lazy.317801 also known as:

Vendor                Detection name
Lionic                Trojan.Win32.SelfDel.4!c
DrWeb                 Trojan.MulDrop18.34560
MicroWorld-eScan      Gen:Variant.Lazy.317801
ClamAV                Win.Malware.Beebone-9762279-0
FireEye               Generic.mg.6f5ed934d8e346c2
McAfee                Artemis!6F5ED934D8E3
Malwarebytes          Generic.Trojan.Agent.DDS
Zillya                Trojan.SelfDel.Win32.65087
Sangfor               Trojan.Win32.Save.a
CrowdStrike           win/malicious_confidence_100% (W)
Alibaba               Trojan:Win32/SelfDel.135cd
K7GW                  Trojan ( 00598e4e1 )
K7AntiVirus           Trojan ( 00598e4e1 )
VirIT                 Trojan.Win32.MulDrop16.CIQB
Cyren                 W64/Agent.FRJ.gen!Eldorado
Symantec              ML.Attribute.HighConfidence
Elastic               malicious (high confidence)
ESET-NOD32            a variant of Win64/Agent.ABU
APEX                  Malicious
Paloalto              generic.ml
Cynet                 Malicious (score: 100)
Kaspersky             HEUR:Trojan.Win32.SelfDel.pef
BitDefender           Gen:Variant.Lazy.317801
Avast                 Win64:Malware-gen
Tencent               Trojan.Win64.Selfdel.kb
Emsisoft              Gen:Variant.Lazy.317801 (B)
F-Secure              Trojan.TR/Agent.pvtqe
VIPRE                 Gen:Variant.Lazy.317801
TrendMicro            TROJ_GEN.R002C0WDQ23
McAfee-GW-Edition     BehavesLike.Win64.Generic.vc
Sophos                Mal/Generic-S
SentinelOne           Static AI – Malicious PE
GData                 Gen:Variant.Lazy.317801
Jiangmin              Trojan.Selfdel.rje
Avira                 TR/Agent.pvtqe
Antiy-AVL             Trojan/Win64.Agent
Arcabit               Trojan.Lazy.D4D969
ViRobot               Trojan.Win.Z.Selfdel.2407600.CN
ZoneAlarm             HEUR:Trojan.Win32.SelfDel.pef
Microsoft             Trojan:Win32/Sabsik.FL.B!ml
Google                Detected
AhnLab-V3             Trojan/Win.Generic.C5401346
Acronis               suspicious
VBA32                 Trojan.Win64.SelfDel
ALYac                 Gen:Variant.Lazy.317801
MAX                   malware (ai score=80)
Cylance               unsafe
Panda                 Trj/Chgt.AD
TrendMicro-HouseCall  TROJ_GEN.R002C0WDQ23
Rising                Trojan.Agent/x64!1.CA03 (CLASSIC)
Ikarus                Trojan.Win64.Agent
MaxSecure             Trojan.Malware.121218.susgen
Fortinet              W64/Agent.ABU!tr
AVG                   Win64:Malware-gen
DeepInstinct          MALICIOUS

How to remove Lazy.317801?

Lazy.317801 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
