Malware

Lazy.439579 (B) removal instruction

Malware Removal

The Lazy.439579 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Lazy.439579 (B) virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Creates a copy of itself
  • Deletes executed files from disk
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Lazy.439579 (B)?



File Info:

name: 533E56BDFF9465F8A288.mlw
path: /opt/CAPEv2/storage/binaries/cb48afa1f52e0a1f6de18f18a4b13f2ab01f0b66aacbcc03e3ddd68bcc8c053c
crc32: A5C69A57
md5: 533e56bdff9465f8a288f6b38b5b9098
sha1: 021f8f9296a43f26f2cd695a0fc1ad1a4ed037b0
sha256: cb48afa1f52e0a1f6de18f18a4b13f2ab01f0b66aacbcc03e3ddd68bcc8c053c
sha512: 11e38a3598744b1e940c2c1590006beeb5e50866e35cabc35c1fa20372b0985a9e988f35658e434fc1d9136685f8ee5cfd9b1469ca58f638d281d6de4cf81354
ssdeep: 24576:H9r8XMYh6XFRbf0ezEM4dmv5BJtOtEM4dmv58:CXVo7bf0ezj425zUtj4258
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D3F4D086725CDE92CDBA3B3F1959B2277442AD3FEA2A504F5458C30B4553CFB92CB260
sha3_384: d1fd17b8780b545105cbf537af58014723e2a980f3bf0bf3c5604ac935dbf5d1dc61879e1ff53afb8c8f598ac2dba721
ep_bytes: 4f6370101f3ac4971aebfd06d8a895bc
timestamp: 1971-05-16 00:00:00


Version Info:

CompanyName: Wayne J. Radburn
FileDescription: PE/COFF File Viewer
FileVersion: 0.9.9.0
InternalName: PEview
LegalCopyright: Copyright© 1997-2011 Wayne J. Radburn
OriginalFilename: PEview.exe
ProductName: PEview
ProductVersion: 0.9.9.0
Translation: 0x0409 0x04e4

Lazy.439579 (B) also known as:

BkavW32.AIDetectMalware
tehtrisGeneric.Malware
MicroWorld-eScanGen:Variant.Lazy.439579
FireEyeGeneric.mg.533e56bdff9465f8
SkyhighBehavesLike.Win32.RAHack.bc
McAfeeTrojan-FVOQ!533E56BDFF94
MalwarebytesGeneric.Malware.AI.DDS
ZillyaTrojan.Kryptik.Win32.3766585
SangforSuspicious.Win32.Save.a
K7AntiVirusTrojan ( 0001b3411 )
K7GWTrojan ( 0001b3411 )
CrowdStrikewin/malicious_confidence_100% (D)
BitDefenderThetaGen:NN.ZexaF.36802.W83@aSUsTC
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/Kryptik_AGen.BGV
APEXMalicious
ClamAVWin.Packed.Razy-9786051-0
KasperskyVHO:Trojan.Win32.Copak.gen
BitDefenderGen:Variant.Lazy.439579
NANO-AntivirusTrojan.Win32.Kryptik.ffmucm
AvastWin32:TrojanX-gen [Trj]
TencentTrojan.Win32.Kryptik.gify
EmsisoftGen:Variant.Lazy.439579 (B)
F-SecureTrojan.TR/Patched.Ren.Gen
DrWebTrojan.PackedENT.111
VIPREGen:Variant.Lazy.439579
Trapminesuspicious.low.ml.score
SophosMal/Inject-GJ
SentinelOneStatic AI – Malicious PE
MAXmalware (ai score=81)
JiangminTrojan.Generic.comaa
GoogleDetected
AviraTR/Patched.Ren.Gen
VaristW32/Dacic.E.gen!Eldorado
Antiy-AVLGrayWare/Win32.Kryptik.gifq
MicrosoftTrojan:Win32/Barys.GMA!MTB
XcitiumTrojWare.Win32.Kryptik.TLS@812zm8
ArcabitTrojan.Lazy.D6B51B
ZoneAlarmVHO:Trojan.Win32.Copak.gen
GDataWin32.Trojan.PSE.109W4IM
CynetMalicious (score: 100)
Acronissuspicious
VBA32Trojan.Khalesi
ALYacGen:Variant.Lazy.439579
TACHYONTrojan/W32.Selfmod
Cylanceunsafe
PandaTrj/Genetic.gen
RisingTrojan.Kryptik!1.B34D (CLASSIC)
YandexTrojan.Agent!RRuFJhSd6qY
IkarusTrojan.Patched
FortinetW32/Kryptik.GIFQ!tr
AVGWin32:TrojanX-gen [Trj]
Cybereasonmalicious.dff946
DeepInstinctMALICIOUS

How to remove Lazy.439579 (B)?

Lazy.439579 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment