
Lazy.361963 removal guide


Lazy.361963 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Lazy.361963 virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Deletes executed files from disk
  • Anomalous binary characteristics

How to identify Lazy.361963?


File Info:

name: EA7DE5B8AF4B00B2E790.mlw
path: /opt/CAPEv2/storage/binaries/0e0e08882bbb6b0dc2688b998aa6fa84fda3d2f50c0c739515f10cc9ed328794
crc32: 0756E7F1
md5: ea7de5b8af4b00b2e790b4d29ca45ba9
sha1: 4eb455a33a30ddec6bfa0b9f496dcac005335495
sha256: 0e0e08882bbb6b0dc2688b998aa6fa84fda3d2f50c0c739515f10cc9ed328794
sha512: ab4e5ddacf559fbba962affe80db5fb993a66464a387ff47203bc1760b5ebc028785228f1f4fd50e3fb0735d6655838e186991b60e79e8d3529b13064a0d08d7
ssdeep: 6144:GZbXm4Gdo71IFNOjhdAOe1Iq1JETCfvh3h:GVm4Gdp6dyPfETCXdh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B1546C0874E3C076D672073108F4DAB54A2DBB624D739E6B73D8172DCF72583AA21E66
sha3_384: 78d95a19be3273c72eae3d1cfadc868eb6a97119d99971d59b81852c7c2f948f9cec73114b3dee1b31a4fd27b15f27b8
ep_bytes: e813050000e974feffff558beca168f0
timestamp: 2022-10-08 12:19:58

Version Info:

FileDescription: Description of my application
InternalName: myfile.exe
OriginalFilename: myfile.exe
CompanyName: My Company
LegalCopyright: © My Company. All rights reserved.
ProductName: My App
FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
Translation: 0x0409 0x04b0

Lazy.361963 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Pterodo.b!c
AVG: Win32:Gamaredon-AH [Drp]
MicroWorld-eScan: Gen:Variant.Lazy.361963
FireEye: Generic.mg.ea7de5b8af4b00b2
Skyhigh: RDN/Generic.hra
McAfee: RDN/Generic.hra
Malwarebytes: RiskWare.FlyStudio
Zillya: Trojan.Pterodo.Win32.327
Sangfor: Dropper.Win32.Pterodo.Vpmm
K7AntiVirus: Trojan ( 0059961c1 )
Alibaba: Trojan:VBS/Pterodo.40139f19
K7GW: Trojan ( 0059961c1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.36802.ru2@amyLizci
Symantec: Trojan Horse
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Pterodo.BXG
APEX: Malicious
Kaspersky: HEUR:Trojan.VBS.Agent.gen
BitDefender: Gen:Variant.Lazy.361963
NANO-Antivirus: Trojan.Win32.Nekark.jtkcss
Avast: Win32:Gamaredon-AH [Drp]
Tencent: Malware.Win32.Gencirc.13bb42c4
Emsisoft: Gen:Variant.Lazy.361963 (B)
F-Secure: Heuristic.HEUR/AGEN.1313266
DrWeb: Trojan.Siggen26.48680
VIPRE: Gen:Variant.Lazy.361963
TrendMicro: Trojan.Win32.PTERODO.VSNW03B24
Sophos: Mal/Generic-S
Varist: W32/ABTrojan.CHAG-1751
Avira: HEUR/AGEN.1313266
MAX: malware (ai score=100)
Antiy-AVL: Trojan[APT]/Win32.Gamaredon
Kingsoft: Win32.Troj.Unknown.a
Microsoft: Trojan:Win32/Casdet!rfn
Arcabit: Trojan.Lazy.D585EB
ViRobot: Trojan.Win32.S.Agent.282995
ZoneAlarm: HEUR:Trojan.VBS.Agent.gen
GData: Gen:Variant.Lazy.361963
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5291853
ALYac: Gen:Variant.Lazy.361963
TACHYON: Trojan/W32.Agent.282995
Cylance: unsafe
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: Trojan.Win32.PTERODO.VSNW03B24
Rising: Trojan.Generic@AI.100 (RDML:oGGeAHFX+fgnmTgo+KkrTQ)
Yandex: Trojan.Pterodo!yFjPGtPNlPc
Ikarus: Trojan.Win32.Pterodo
MaxSecure: Trojan.Malware.73842126.susgen
Fortinet: W32/PossibleThreat
Cybereason: malicious.8af4b0
DeepInstinct: MALICIOUS

How to remove Lazy.361963?

Lazy.361963 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
