Malware

Lazy.40738 information

Malware Removal

Lazy.40738 is the generic detection name (Gen:Variant.Lazy.40738, as ALYac labels it in the detection list below) for a sample that most security vendors classify as malicious. When the infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Lazy.40738 virus do?

These are the behaviour signatures the CAPE sandbox raised when the sample was run:

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

How to identify Lazy.40738?

File Info:

name: BAFF1980F0FC1B426844.mlw
path: /opt/CAPEv2/storage/binaries/2c90513b850bcbc2d4d00bbf0606b77f85d28e5a8430793153eb472776051670
crc32: F21763E9
md5: baff1980f0fc1b4268449ea3fa293e3c
sha1: 417b8096f7b6ec88ee446f35344656edf05c59ec
sha256: 2c90513b850bcbc2d4d00bbf0606b77f85d28e5a8430793153eb472776051670
sha512: cf9193bea06433cad5567672338d9593607b655a137d9ed98d78f705daf34fed7fc7e3f501a6f0655a02540b3e5f0b0d4b0fd9ae5a248e37f943fadd5ef59bbb
ssdeep: 12288:bRf70CixBFmuFM28wYADyZALQI5OX2lKsPpWscuo17Ze:p70Ci1LB7vuGLQI5FlKshWhL17Y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100B40144A7780226CA9D0B7664B55355237FBD2EF929C72E3AC974A81EF330247225CF
sha3_384: 2ddd83680291e72ec36cbff139e05422bed856bdd900604a94720afddbef1aa6192ecd8240da2143a739aa14e2ad0779
ep_bytes: ff250020400036000000ad0e00000800
timestamp: 2021-11-25 07:49:54

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Rogers Peet
FileDescription: Biblan
FileVersion: 5.6.0.0
InternalName: Debugg.exe
LegalCopyright: Copyright © Rogers Peet
LegalTrademarks:
OriginalFilename: Debugg.exe
ProductName: Biblan
ProductVersion: 5.6.0.0
Assembly Version: 8.0.6.0
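The File Info above is the set of indicators a responder actually matches on: a suspect file is the same sample only if its digests agree with the ones listed. The Version Info block carries an Assembly Version field and several vendors name the sample MSIL/..., which is consistent with a .NET binary, and the listed ep_bytes start with FF 25 (an x86 `jmp dword ptr [imm32]`), the loader stub every MSIL executable starts with. The following Python script is an added example, not code from the original page or from GridinSoft: it streams a file through all of the listed digests at once, reports which IOCs match, and decodes the ep_bytes. The 0x400000 image base and 0x2000 IAT offset used by the MSIL-stub heuristic are assumed defaults for PE32 .NET builds, and the `b"abc"` style inputs in the test are constructed.

```python
"""Triage helpers for the Lazy.40738 sample: hash-based IOC matching and
entry-point stub decoding.  Added example, not part of the original page."""
import hashlib
import struct
import zlib

# Indicators copied verbatim from the File Info section of the report.
LAZY_40738_IOCS = {
    "crc32": "F21763E9",
    "md5": "baff1980f0fc1b4268449ea3fa293e3c",
    "sha1": "417b8096f7b6ec88ee446f35344656edf05c59ec",
    "sha256": "2c90513b850bcbc2d4d00bbf0606b77f85d28e5a8430793153eb472776051670",
    "sha512": "cf9193bea06433cad5567672338d9593607b655a137d9ed98d78f705daf34fed"
              "7fc7e3f501a6f0655a02540b3e5f0b0d4b0fd9ae5a248e37f943fadd5ef59bbb",
}
LAZY_40738_EP_BYTES = "ff250020400036000000ad0e00000800"


def hash_bytes(data: bytes) -> dict:
    """Return the digests the report lists, in the report's casing."""
    return {
        "crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08X"),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all digests in one pass (large samples)."""
    crc = 0
    digests = {n: hashlib.new(n) for n in ("md5", "sha1", "sha256", "sha512")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            crc = zlib.crc32(chunk, crc)
            for d in digests.values():
                d.update(chunk)
    out = {n: d.hexdigest() for n, d in digests.items()}
    out["crc32"] = format(crc & 0xFFFFFFFF, "08X")
    return out


def match_iocs(hashes: dict, iocs: dict = LAZY_40738_IOCS) -> list:
    """Names of the digests that agree with the IOC set (case-insensitive)."""
    return sorted(k for k, v in iocs.items()
                  if k in hashes and hashes[k].lower() == v.lower())


def decode_entry_stub(ep_hex: str):
    """Decode ep_bytes.  FF 25 imm32 is `jmp dword ptr [imm32]`: an indirect
    jump through an absolute address.  For a .NET PE32 image that is the
    stub which jumps through the IAT slot of mscoree!_CorExeMain.
    Returns (is_indirect_jmp, target_address)."""
    ep = bytes.fromhex(ep_hex)
    if len(ep) >= 6 and ep[0] == 0xFF and ep[1] == 0x25:
        (target,) = struct.unpack_from("<I", ep, 2)
        return True, target
    return False, None


def looks_like_msil_stub(ep_hex: str, image_base: int = 0x400000) -> bool:
    """Heuristic (assumed defaults): jmp [image_base + 0x2000] is the usual
    MSIL entry stub.  It is a hint, not proof; confirm with the CLR header
    (data directory 14) or the Assembly Version in the version resource."""
    is_jmp, target = decode_entry_stub(ep_hex)
    return is_jmp and target == image_base + 0x2000


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        h = hash_file(path)
        hits = match_iocs(h)
        print(f"{path}: sha256={h['sha256']} ioc_hits={hits or 'none'}")
    print("report ep_bytes:", decode_entry_stub(LAZY_40738_EP_BYTES),
          "msil stub:", looks_like_msil_stub(LAZY_40738_EP_BYTES))
```

Run it as `python triage.py suspect.exe`; a match on sha256 is conclusive, while a crc32 or md5 match alone should be treated as a lead rather than an identification, since both are short or collision-prone. The ep_bytes on this page decode to `jmp [0x402000]`, i.e. the default image base plus the 0x2000 IAT offset, which is exactly what a packed MSIL build looks like and agrees with the MSIL/Kryptik names in the detection list.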

Lazy.40738 also known as (vendor detections for the sample hashed above; most are generic or heuristic names for a packed MSIL binary rather than a specific family):

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.80718
FireEye: Generic.mg.baff1980f0fc1b42
K7AntiVirus: Trojan ( 0058ae7c1 )
Cyren: W32/MSIL_Kryptik.GEB.gen!Eldorado
Symantec: Scr.Malcode!gdn30
ESET-NOD32: a variant of MSIL/Kryptik.ADOI
Kaspersky: HEUR:Trojan-Spy.MSIL.Noon.gen
BitDefender: Trojan.GenericKDZ.80718
Avast: Win32:PWSX-gen [Trj]
Ad-Aware: Trojan.GenericKDZ.80718
Emsisoft: Trojan.GenericKDZ.80718 (B)
DrWeb: Trojan.Siggen15.53056
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Sophos: Troj/Krypt-FD
APEX: Malicious
GData: Trojan.GenericKDZ.80718
Avira: TR/Kryptik.kmqcd
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4789159
ALYac: Gen:Variant.Lazy.40738
MAX: malware (ai score=80)
Malwarebytes: Backdoor.Remcos
Yandex: Trojan.GenKryptik!Kcn0N2TuQlE
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/GenKryptik.FOAM!tr
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/GdSda.A

How to remove Lazy.40738?

Lazy.40738 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
