Lazy.370380 (file analysis)

Lazy.370380 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Lazy.370380 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Lazy.370380?

File Info:

name: 88FC54A49A3D737628A4.mlw
path: /opt/CAPEv2/storage/binaries/3379b2935cb4abc320b3cc51246187ce2e51ce1eaaeee08eadeef86088ab8f6a
crc32: 28F0233F
md5: 88fc54a49a3d737628a4041c206ae91e
sha1: 5acd294e31ead04d576617d26006371e564b258b
sha256: 3379b2935cb4abc320b3cc51246187ce2e51ce1eaaeee08eadeef86088ab8f6a
sha512: 97cce3bef128b89cce2994e6e8c81a2ff2d39deefb6c0f3d65035d01dd46eb3fb04d15ecae3933da241d6ddae7e48a1682dbc93cd9ac8438c1f49231764319d0
ssdeep: 49152:hvNsD+nAWu848GfzfZ4kLKzKEZnMPb4H0MJW4:hFsDj848Gfzh4kL2MD4fJ1
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T13A7533F83BC3A388F4284D3BD4394A7A95D2C31493B4BBEE5D27E60E20D5095D66E607
sha3_384: 3678eaff95690e7a2c639ca155bf0e4f643074dcf1ec8c0d00a5e2f286317bc6e09b5faae7c0c20e8445591d967bd468
ep_bytes: b9000000005621c381e8428a2edf5a81
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Lazy.370380 also known as:

  • Bkav: W32.AIDetectMalware
  • Lionic: Riskware.Win32.BitCoinMiner.1!c
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Lazy.370380
  • FireEye: Generic.mg.88fc54a49a3d7376
  • Skyhigh: BehavesLike.Win32.Generic.tc
  • ALYac: Gen:Variant.Lazy.370380
  • Malwarebytes: Trojan.MalPack.Generic
  • Zillya: Trojan.Copak.Win32.116667
  • Sangfor: Suspicious.Win32.Save.a
  • K7AntiVirus: Trojan ( 0058c5ff1 )
  • BitDefender: Gen:Variant.Lazy.370380
  • K7GW: Trojan ( 0058c5ff1 )
  • Cybereason: malicious.e31ead
  • BitDefenderTheta: Gen:NN.ZexaF.36792.InZ@aCzs!dd
  • Symantec: ML.Attribute.HighConfidence
  • tehtris: Generic.Malware
  • ESET-NOD32: a variant of Win32/Kryptik.HITO
  • APEX: Malicious
  • ClamAV: Win.Trojan.Ulise-9891915-0
  • Kaspersky: Trojan.Win32.Copak.fuli
  • NANO-Antivirus: Riskware.Win32.BitCoinMiner.kazekc
  • Rising: Trojan.Injector!1.C865 (CLASSIC)
  • Emsisoft: Gen:Variant.Lazy.370380 (B)
  • F-Secure: Trojan.TR/Crypt.ULPM.Gen
  • DrWeb: Trojan.Packed2.43250
  • VIPRE: Gen:Variant.Lazy.370380
  • Sophos: Mal/Generic-R
  • Ikarus: Trojan.Win32.Injector
  • Jiangmin: Trojan.Generic.hactz
  • Google: Detected
  • Avira: TR/Crypt.ULPM.Gen
  • Varist: W32/CoinMiner.CQ.gen!Eldorado
  • Antiy-AVL: GrayWare/Win32.Kryptik.ffp
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Xcitium: Packed.Win32.MUPX.Gen@24tbus
  • Arcabit: Trojan.Lazy.D5A6CC
  • ZoneAlarm: Trojan.Win32.Copak.fuli
  • GData: Gen:Variant.Lazy.370380
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Malware/Win32.Generic.R369407
  • McAfee: GenericRXAA-FA!88FC54A49A3D
  • MAX: malware (ai score=86)
  • DeepInstinct: MALICIOUS
  • VBA32: Trojan.Packed
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • Tencent: Trojan.Win32.Coinminer.yi
  • Yandex: Trojan.Kryptik!M3aADG0IKU8
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Malware.74654884.susgen
  • Fortinet: W32/Kryptik.EAHK!tr
  • AVG: Win32:CoinminerX-gen [Trj]
  • Avast: Win32:CoinminerX-gen [Trj]
  • CrowdStrike: win/malicious_confidence_100% (D)

How to remove Lazy.370380?

Lazy.370380 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.