Lazy.389223 information

The Lazy.389223 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.389223 virus can do?

Performs HTTP requests potentially not found in PCAP.
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine Lazy.389223?


File Info:
name: C7EA9ECF9DDC41051013.mlw
path: /opt/CAPEv2/storage/binaries/eecc27e9ec684d8c25d9c9fc08d418322f44baa41b40c160b6afe0975772320f
crc32: 5D785882
md5: c7ea9ecf9ddc4105101347e752e30386
sha1: 655c57e0abfcaa61b7eace77045cc95616f75998
sha256: eecc27e9ec684d8c25d9c9fc08d418322f44baa41b40c160b6afe0975772320f
sha512: 24c04c663784b735e17b95030aba14817410e7961eb317f6ffac60a69d9851ae34dfa058470c2d1c922d69b5489915b6620ca196014895db538cfc3487a5ac72
ssdeep: 6144:AzUPDnBilHCAqhfzlfCcWzPXNLvwJWY0Ybx6pgLnicda6m5VqFuxKHp+sy1A3YMG:lDBpAqFW/NL/q7zPq+VQhUMZ
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T135B48E26B381E131C0DD40B63569EBED00BCBA7098B5444BBBD56B2D5EF42D1EE26B13
sha3_384: 3cf7c7bd858e25dc8f5f9ab3ab9187b18ac63faaf2266ef13c24c946b931c0442d6882e1ec6bb9be48f2ec6f12ad0f5d
ep_bytes: 558bec837d0c017505e8369e0000ff75
timestamp: 2021-01-22 15:09:05

Version Info:
0: [No Data]

Lazy.389223 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Lazy.389223
Skyhigh	BehavesLike.Win32.Generic.hh
Malwarebytes	Generic.Adware.Agent.DDS
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/grayware_confidence_100% (D)
Arcabit	Trojan.Lazy.D5F067
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Adware.Neoreklami.NW
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	not-a-virus:UDS:AdWare.Win32.Neoreklami.gen
BitDefender	Gen:Variant.Lazy.389223
Avast	Win32:AdwareX-gen [Adw]
Emsisoft	Gen:Variant.Lazy.389223 (B)
VIPRE	Gen:Variant.Lazy.389223
FireEye	Generic.mg.c7ea9ecf9ddc4105
Sophos	Generic ML PUA (PUA)
Ikarus	PUA.Neoreklami
Varist	W32/S-b97e0b9f!Eldorado
ZoneAlarm	not-a-virus:UDS:AdWare.Win32.Neoreklami.gen
GData	Gen:Variant.Lazy.389223
Google	Detected
AhnLab-V3	Adware/Win.Generic.R608751
ALYac	Gen:Variant.Lazy.389223
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:TYwUOchya9StdoR4Wq+EtA)
SentinelOne	Static AI – Malicious PE
Fortinet	Adware/Neoreklami
BitDefenderTheta	Gen:NN.ZedlaF.36680.Gu4@aqnd7Dj
AVG	Win32:AdwareX-gen [Adw]
DeepInstinct	MALICIOUS

How to remove Lazy.389223?

Lazy.389223 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X