Should I remove “Lazy.362317”?

The Lazy.362317 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.362317 virus can do?

Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Anomalous binary characteristics
Yara detections observed in process dumps, payloads or dropped files

How to determine Lazy.362317?


File Info:
name: ED3B42BC1B8570ACDDD4.mlw
path: /opt/CAPEv2/storage/binaries/43cf6f3a5b0d464d141ed6633ecb60c6ab89eee25340a9696b61dbe3a459f519
crc32: 26296200
md5: ed3b42bc1b8570acddd4aa734df51c22
sha1: 1ba567a026eff7ffce7a2d991ffdb424d9aba7c5
sha256: 43cf6f3a5b0d464d141ed6633ecb60c6ab89eee25340a9696b61dbe3a459f519
sha512: 444a36b1eabff21c125a9da443792e96aa635a2da109c1c7a790e3706a3a8d37007184db5b97678614625ebb4d9a174e99ac58df30c3807d4adba146f450106e
ssdeep: 12288:7YWfGt/sB1KcYmqgZvAMlUoUjG+YKtMfnkOeZb5JYiNAgAPh:7YDt/sBlDqgZQd6XKtiMJYiPU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T164751207F6C2D03AF8B319B21F795415A42BFE74A709A0DBA2C7694E1DB80D26D35327
sha3_384: 9fa5e97c8d95c001bdc8e76854a223f677a7730593241c265e53efce7836df8be9bcb5bb453238233f2abcd286c6e80a
ep_bytes: e8d3030000e937fdffffcccc68d57b40
timestamp: 2014-11-20 18:03:43

Version Info:
CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Update Service
FileVersion: 1.801.10.4720
InternalName: armsvc.exe
LegalCopyright: Copyright © 2013 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: armsvc.exe
ProductName: Adobe Acrobat Update Service
ProductVersion: 1.801.10.4720
Translation: 0x0409 0x04b0

Lazy.362317 also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.362317
Skyhigh	BehavesLike.Win32.Generic.tt
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
ClamAV	Win.Malware.Expiro-9941636-0
BitDefender	Gen:Variant.Lazy.362317
Emsisoft	Gen:Variant.Lazy.362317 (B)
TrendMicro	Virus.Win32.EXPIRO.JMA
FireEye	Gen:Variant.Lazy.362317
Sophos	ML/PE-A
Google	Detected
Varist	W32/Floxif.H.gen!Eldorado
Antiy-AVL	Virus/Win32.Expiro.x
Microsoft	Virus:Win32/Expiro.EB!MTB
Arcabit	Trojan.Lazy.D5874D
GData	Gen:Variant.Lazy.362317
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.JO.C4927954
ALYac	Gen:Variant.Lazy.362317
MAX	malware (ai score=82)
Cylance	unsafe
Ikarus	Virus.Win32.Expiro
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Expiro.CM
DeepInstinct	MALICIOUS

How to remove Lazy.362317?

Lazy.362317 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X