Malware

Lazy.386539 information

Malware Removal

The Lazy.386539 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Lazy.386539 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Lazy.386539?



File Info:

name: 91D96500701E1E1652E2.mlw
path: /opt/CAPEv2/storage/binaries/6c914499328db7193a1e6743411621ea4238de7eae7e18aeaf2e1b231c95339a
crc32: EED05D02
md5: 91d96500701e1e1652e2462ef6954a5f
sha1: c98203aae23958af03654584c43afd5b3ded7e3c
sha256: 6c914499328db7193a1e6743411621ea4238de7eae7e18aeaf2e1b231c95339a
sha512: 408da5d08d08d7ec6494170593fe401f7cc29d88f4a260d22df8c6abb9781ef125296250c4c52984f6be287fdeb662c12cc2e8f72f0f96b278dc3fac7ed34c2c
ssdeep: 6144:DuHGWNt24Rd9ybhfV30mCjrjd15sQm13iAZwvmc2IkL09srQgqj:uLXeys9ZwvmcAL09srQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD64CF123BE98DF2DA0501767A24B3658355F5A30F505ADB7A091B9C687EEC60C383FB
sha3_384: ae7ae4d95e22389055126908f1244257a4fd0717ae18c52450d792438a5e3202273e5696beaa5c6512af6ee61ed55f2a
ep_bytes: e8b5060000e978feffff558bec6a00ff
timestamp: 2021-02-14 22:30:13


Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Eula display
FileVersion: 21.1.20138.422477
InternalName: Eula.exe
LegalCopyright: Copyright 2010-2021 Adobe Systems Incorporated.  All rights reserved.
OriginalFilename: Eula.exe
ProductName: EULA
ProductVersion: 21.1.20138.422477
Translation: 0x0409 0x04e4

Lazy.386539 also known as:

BkavW32.AIDetectMalware
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Lazy.386539
FireEyeGeneric.mg.91d96500701e1e16
MalwarebytesMalware.AI.1448674162
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_90% (D)
CyrenW32/Patched.GN.gen!Eldorado
ESET-NOD32a variant of Win32/Patched.IP
KasperskyHEUR:Trojan-Ransom.Win32.Gen.pef
BitDefenderGen:Variant.Lazy.386539
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:TrojanX-gen [Trj]
EmsisoftGen:Variant.Lazy.386539 (B)
DrWebWin32.HLLP.Siggen.57
VIPREGen:Variant.Lazy.386539
Trapminemalicious.high.ml.score
GDataGen:Variant.Lazy.386539
MAXmalware (ai score=83)
Antiy-AVLTrojan/Win32.Patched
ArcabitTrojan.Lazy.D5E5EB
ZoneAlarmHEUR:Trojan-Ransom.Win32.Gen.pef
MicrosoftTrojan:Win32/Sabsik.RD.A!ml
GoogleDetected
AhnLab-V3Trojan/Win.Generic.R603425
ALYacGen:Variant.Lazy.386539
VBA32BScope.TrojanDownloader.Emotet
RisingTrojan.Generic@AI.100 (RDML:s9PdhlxY1Axbhw+xE2V1Dg)
FortinetW32/Patched.IP!tr
AVGWin32:TrojanX-gen [Trj]
DeepInstinctMALICIOUS

How to remove Lazy.386539?

Lazy.386539 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment