About “Lazy.393602” infection

The Lazy.393602 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.393602 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Lazy.393602?


File Info:
name: E992A6D56FA159C80329.mlw
path: /opt/CAPEv2/storage/binaries/511be55175f1acfcdbc448e483f915018e6b305e61d10dedd5ec9d0ef456b1dc
crc32: 329C9DB9
md5: e992a6d56fa159c80329372b818191b6
sha1: 823205393ee20ecf2cdd3661c943a547eeb70241
sha256: 511be55175f1acfcdbc448e483f915018e6b305e61d10dedd5ec9d0ef456b1dc
sha512: 01a194c5e369a526cc3554668856f4440352e13c4e8934168b42282c4eff318234dcaed237b3e44809eebdd9067db47bef55f85d306858ca37e595ea6bd44b5b
ssdeep: 12288:jBqD78ZG8B3ioKywkLf5rwqxG+VpDgge0wxQ1DWT3LQqnUlNb:9qD78ZsCrwqZVW8wxqiT3UlB
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11005AE01B2C780B6DB1504701CAFA779EA75E9840B155FC397ACEE1D1E7E9C2A93720B
sha3_384: b8875414fd5aa460c146553aac2f2104df58ae179740a3283a5239060d0d1470243825cfb2a0db0863d88f455cfeeff5
ep_bytes: 558bec81eca000000053565756575251
timestamp: 2012-05-02 10:55:08

Version Info:
Comments: 
CompanyName: 
FileDescription: AttackEngine
FileVersion: 3.6.1.4242
InternalName: AttackEngine
LegalCopyright: Copyright (C) 2006 - 2011
LegalTrademarks: 
OriginalFilename: AttackEngine.exe
PrivateBuild: 
ProductName: AttackEngine
ProductVersion: 3.6.1.4242
SpecialBuild: 
Translation: 0x0804 0x04b0

Lazy.393602 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Lazy.4!c
MicroWorld-eScan	Gen:Variant.Lazy.393602
FireEye	Gen:Variant.Lazy.393602
CAT-QuickHeal	Trojan.Vbinject.20147
ALYac	Gen:Variant.Lazy.393602
Cylance	unsafe
Sangfor	Trojan.Win32.Lazy.V1f2
Cybereason	malicious.93ee20
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
BitDefender	Gen:Variant.Lazy.393602
NANO-Antivirus	Trojan.Win32.KillAV.xsfmx
Avast	Win32:Malware-gen
Sophos	ML/PE-A
VIPRE	Gen:Variant.Lazy.393602
McAfee-GW-Edition	BehavesLike.Win32.Infected.ch
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Variant.Lazy.393602 (B)
GData	Gen:Variant.Lazy.393602
Jiangmin	TrojanSpy.Agent.zeb
MAX	malware (ai score=86)
Antiy-AVL	GrayWare/Win32.Wacapew
Arcabit	Trojan.Lazy.D60182
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	GenericRXHH-CW!E992A6D56FA1
Malwarebytes	Malware.Heuristic.1003
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002H0CIO23
Rising	Trojan.Generic@AI.86 (RDML:wajOwU8bF6sHHzLO2H3Tyw)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/PossibleThreat
BitDefenderTheta	Gen:NN.ZexaE.36722.0C0@aS7UHrnb
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Lazy.393602?

Lazy.393602 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X