Malware

Lazy.386952 (B) removal

Malware Removal

The Lazy.386952 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Lazy.386952 (B) virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Binary file triggered YARA rule
  • Touches a file containing cookies, possibly for information gathering
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Lazy.386952 (B)?



File Info:

name: 9EA09F31B75D1BD277F4.mlw
path: /opt/CAPEv2/storage/binaries/5834e0ac2d1b1fed3e062f760f3ae5e365846bac1e175d252b2ad7911cb6ab78
crc32: B6E6A817
md5: 9ea09f31b75d1bd277f40debe3d9df59
sha1: ac4279ac05f61999a9166e50a8a52fc1c7d87d9d
sha256: 5834e0ac2d1b1fed3e062f760f3ae5e365846bac1e175d252b2ad7911cb6ab78
sha512: c16805fc793c39573ef0d17c297541fc7583bbc8c2e6b31ba120d7d4e5a0ad8f3edd5f9ee33fbfc5cd37ef3e04c454507d09a671a74af0b5beba85c40747a2d9
ssdeep: 98304:2gS7zUqP3Pr+11d/5ULdK5AduRfz/cXu2f/jgHilQs2jvhCCwjSm1n3DZDp:8z/3Pa11/ROuRfz/ce+TQ5g33D
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T15186BF21C642B62AF8E704B18A7E526EA118B770073851C3D3CC6D5F66FE6D36E31A17
sha3_384: 72cd5d537da70ce2ba8d111a9988f20bfb9963eec1864e3a332d7027360494af02abbc6e1610554b28d93913d2ff49c7
ep_bytes: 558bec837d0c017505e815000000ff75
timestamp: 2021-02-24 09:57:05


Version Info:

Applicability: Accessibility, Reflow, eBooks, and Document Repurposing
Comments: This plug-in creates a Tagged (structured) PDF
CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Make Accessible Plug-in
FileVersion: 21.1.20142.424128
LegalCopyright: Copyright 1984-2021 Adobe Systems Incorporated and its licensors. All rights reserved.
LegalTrademarks: Adobe, Acrobat and the Acrobat logo are trademarks of Adobe Systems Incorporated which may be registered in certain jurisdictions.
OriginalFilename: MakeAccessible.api
ProductName: Adobe Acrobat Make Acccessible
ProductVersion: 21.1.20142.424128
Translation: 0x0409 0x04e4

Lazy.386952 (B) also known as:

BkavW32.AIDetectMalware
AVGWin32:Patched-AWW [Trj]
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Lazy.386952
SkyhighBehavesLike.Win32.Generic.wc
VIPREGen:Variant.Lazy.386952
K7AntiVirusTrojan ( 005ab4bf1 )
K7GWTrojan ( 005ab4bf1 )
ESET-NOD32a variant of Win32/Patched.NKO
CynetMalicious (score: 100)
ClamAVWin.Ransomware.Lazy-10007928-0
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Lazy.386952
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
TencentTrojan.Win32.Pathced_ya.16001052
EmsisoftGen:Variant.Lazy.386952 (B)
F-SecureTrojan.TR/Patched.Gen
DrWebWin32.Beetle.3
FireEyeGeneric.mg.9ea09f31b75d1bd2
SophosW32/Patched-CD
IkarusTrojan.Win32.Patched
VaristW32/Patched.GQ1.gen!Eldorado
AviraTR/Patched.Gen
MicrosoftTrojan:Win32/Doina!pz
ArcabitTrojan.Lazy.D5E788
ZoneAlarmVirus.Win32.Senoval.a
GDataGen:Variant.Lazy.386952
GoogleDetected
AhnLab-V3Trojan/Win.Generic.R605109
ALYacGen:Variant.Lazy.386952
MAXmalware (ai score=82)
PandaTrj/Genetic.gen
RisingTrojan.Generic@AI.100 (RDML:dhjzPAvOIv1D4OquiEuuJA)
SentinelOneStatic AI – Suspicious PE
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr

How to remove Lazy.386952 (B)?

Lazy.386952 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment