Lazy.436812 malicious file

The Lazy.436812 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Lazy.436812 virus can do?

CAPE extracted potentially suspicious content
.NET file is packed/obfuscated with SmartAssembly
Authenticode signature is invalid

How to determine Lazy.436812?


File Info:
name: 9122B45A981F31B6260D.mlw
path: /opt/CAPEv2/storage/binaries/776906046dee70e3fbd7ff8ecbc435556cf393869a28c5dc55fda918e2515785
crc32: 6486B4F4
md5: 9122b45a981f31b6260d0e232dc36799
sha1: 313c292a26f73ff1b448ce666659bfe94eb0fcbb
sha256: 776906046dee70e3fbd7ff8ecbc435556cf393869a28c5dc55fda918e2515785
sha512: f37466e3c0c25d056cc6f0584374af7bc36ddd80b4eb5040e1d9b6e90f5a01778d4ada8b88a5dc8d6482093cf0e8b96b8f5a1b291a4a9cdf84a1d539a6290c6f
ssdeep: 3072:pAF6xmnk1/mVK7EpSibsfdEpzyvlaFB0E/0:u6iXqibseyvG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T155042A49AF5E4A12C18909F6A4E76A01C774DD63978BE70B50C034E89D7F397F882B4E
sha3_384: 5de29a2dfaf5fc44c050a846316e950ebcaa231acdb22824d000c296125d150374966e557f780a7f08efa00c873c51ff
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-11-18 14:15:08

Version Info:
Translation: 0x0000 0x04b0
Comments: SetupTC
CompanyName: Z-H
FileDescription: SetupTC
FileVersion: 3.11.1.0
InternalName: Mcefqnp.exe
LegalCopyright: Copyright © 2009-2016
LegalTrademarks: 
OriginalFilename: Mcefqnp.exe
ProductName: SetupTC
ProductVersion: 3.11.1.0
Assembly Version: 3.11.1.0

Lazy.436812 also known as:

Bkav	W32.Common.2224B3FD
Lionic	Trojan.Win32.Mallox.j!c
MicroWorld-eScan	Gen:Variant.Lazy.436812
ClamAV	Win.Packed.Seraph-10016137-0
FireEye	Gen:Variant.Lazy.436812
Skyhigh	Artemis!Trojan
McAfee	Artemis!9122B45A981F
Cylance	unsafe
Zillya	Downloader.Agent.Win32.537175
Sangfor	Downloader.Msil.Mallox.Vt0e
K7AntiVirus	Trojan-Downloader ( 005a01891 )
Alibaba	Ransom:MSIL/Mallox.e91269d9
K7GW	Trojan-Downloader ( 005a01891 )
BitDefenderTheta	Gen:NN.ZemsilF.36680.lm0@aSMg3Yj
VirIT	Trojan.Win32.MSIL_Heur.A
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.PCL
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-Ransom.MSIL.Mallox.gen
BitDefender	Gen:Variant.Lazy.436812
Avast	Win32:CrypterX-gen [Trj]
Tencent	Malware.Win32.Gencirc.10bf5f10
Emsisoft	Gen:Variant.Lazy.436812 (B)
F-Secure	Trojan.TR/Dldr.Agent.nplai
VIPRE	Gen:Variant.Lazy.436812
TrendMicro	TROJ_GEN.R049C0XKR23
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Crypt
GData	Gen:Variant.Lazy.436812
Google	Detected
Avira	TR/Dldr.Agent.nplai
Antiy-AVL	Trojan/Win32.Wacatac
Kingsoft	malware.kb.c.985
Arcabit	Trojan.Lazy.D6AA4C
ZoneAlarm	HEUR:Trojan-Ransom.MSIL.Mallox.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Varist	W32/MSIL_Kryptik.KEB.gen!Eldorado
AhnLab-V3	Trojan/Win.Mardom.C5546367
ALYac	Gen:Variant.Lazy.436812
Malwarebytes	Trojan.Downloader.MSIL
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R049C0XKR23
Rising	Ransom.Mallox!8.1779D (CLOUD)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Kryptik.AKDT!tr
AVG	Win32:CrypterX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Lazy.436812?

Lazy.436812 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X