
Lazy.423828 removal tips


Lazy.423828 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.423828 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Lazy.423828?


File Info:

name: 92EB21EE1DC3AA32F2E0.mlw
path: /opt/CAPEv2/storage/binaries/c6124ccdaf1d50363f34ba7ea83c82721cc9dc9a68ecaf104ae749b10626fef1
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 1972-09-27 00:00:00

Version Info:

0: [No Data]

Lazy.423828 also known as:

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Gen:Variant.Lazy.423828
FireEye: Generic.mg.92eb21ee1dc3aa32
Skyhigh: BehavesLike.Win32.Generic.vc
McAfee: Trojan-FVOQ!92EB21EE1DC3
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Variant.Lazy.423828
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005a45ef1 )
K7GW: Trojan ( 005a45ef1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.36744.d6Z@aqPQx@k
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik_AGen.BGV
APEX: Malicious
ClamAV: Win.Packed.Razy-9785185-0
Kaspersky: VHO:Trojan.Win32.Khalesi.gen
BitDefender: Gen:Variant.Lazy.423828
Avast: Win32:RATX-gen [Trj]
Tencent: Trojan.Win32.Selfmod.ka
Emsisoft: Gen:Variant.Lazy.423828 (B)
Google: Detected
F-Secure: Heuristic.HEUR/AGEN.1369103
Zillya: Trojan.Kryptik.Win32.2678078
Sophos: Troj/Agent-BFEY
Ikarus: Trojan.Win32.Glupteba
GData: Win32.Trojan.PSE.11XGYE9
Varist: W32/Trojan.ULNO-1867
Avira: HEUR/AGEN.1369103
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.Kryptik.gify
Kingsoft: malware.kb.a.998
Xcitium: TrojWare.Win32.Kryptik.TLS@812zm8
Arcabit: Trojan.Lazy.D67794
ZoneAlarm: VHO:Trojan.Win32.Khalesi.gen
Microsoft: Trojan:Win32/Glupteba.MT!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.BG.C5400712
Acronis: suspicious
ALYac: Gen:Variant.Lazy.423828
TACHYON: Trojan/W32.Selfmod
VBA32: Trojan.Copak
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.BF57 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.GIFQ!tr
AVG: Win32:RATX-gen [Trj]
Cybereason: malicious.e807e2
DeepInstinct: MALICIOUS

How to remove Lazy.423828?

Lazy.423828 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
