Lazy.495633 information

Lazy.495633 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Lazy.495633 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Lazy.495633?

File Info:

name: 2AD7D8BD57C920334E53.mlw
path: /opt/CAPEv2/storage/binaries/01276701a6286e402da9b53be9cb9ddd0d79d8521856ee1f18c3f34b10a767da
crc32: 0FAFFF76
md5: 2ad7d8bd57c920334e536c38ddd3adf2
sha1: bd59e4e4829edf24fc4ae01b462423c43bb5e6b7
sha256: 01276701a6286e402da9b53be9cb9ddd0d79d8521856ee1f18c3f34b10a767da
sha512: 017e150d243f2788866878ab9dc97c58121ae95e5e64b472c935c7ccbaf58470b1af30533698f433000c99b5499dbb57a53301f646552357ad2c0140b52fb630
ssdeep: 6144:YL3Si21LwgxYvwsrWpAVs5uPD6h9EPjcsQ8MRtgY0xwAf1mSYM1y5kfvhepABmE9:51LVXsCpn5K6hKLQ8MboRo+EWh4GmPtw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16FA4BE32B668B535ECE221F4854CF3F5726B94701B1483D7A394C7EDAAE5AC11E3029B
sha3_384: be1c0432b746f8e7be58952896703b6c1ae40753e6b6af881bfb7c556acf2f73a1fea2994ce4739982d946d2af903f2e
ep_bytes: 50575229c083c030648b38518b4f0889
timestamp: 2004-12-30 14:21:34

Version Info:

CompanyName: Microsoft Corp., Veritas Software
FileDescription: Logical Disk Manager service process
FileVersion: 2600.2180.503.0
InternalName: dmadmin
LegalCopyright: Copyright © 1985-2000 Microsoft Corporation. All rights reserved. Portions Copyright © 1997-2000 Veritas Software. All rights reserved.
OriginalFilename: dmadmin.exe
ProductName: Logical Disk Manager for Windows NT
ProductVersion: 1.0
Translation: 0x0409 0x04e4

Lazy.495633 also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:Expiro-GX [Inf]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Lazy.495633
FireEye: Generic.mg.2ad7d8bd57c92033
Skyhigh: BehavesLike.Win32.Expiro.gc
McAfee: Generic Obfuscated.g
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
Alibaba: Virus:Win32/Expiro.ac75dbf7
K7GW: Virus ( 00512af51 )
K7AntiVirus: Virus ( 00512af51 )
BitDefenderTheta: Gen:NN.ZexaF.36804.Eq0@au8Mr9li
VirIT: Win32.Expiro.CP
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Expiro.NCJ
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Virus.Expiro-6956557-0
Kaspersky: Virus.Win32.Expiro.ns
BitDefender: Gen:Variant.Lazy.495633
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Expiro-GX [Inf]
Tencent: Virus.Win32.Expiro.ae
TACHYON: Virus/W32.Expiro
Emsisoft: Gen:Variant.Lazy.495633 (B)
F-Secure: Malware.W32/Expiro.QQ
DrWeb: Win32.Expiro.134
VIPRE: Gen:Variant.Lazy.495633
Trapmine: malicious.high.ml.score
Sophos: W32/Expiro-AC
SentinelOne: Static AI – Malicious PE
Varist: W32/Expiro.A!Generic
Avira: W32/Expiro.QQ
Antiy-AVL: Virus/Win32.Expiro.cg
Kingsoft: malware.kb.a.990
Microsoft: Virus:Win32/Expiro.EM!bit
Xcitium: Virus.Win32.Expiro.CG@79ayaa
Arcabit: Trojan.Lazy.D79011
ZoneAlarm: Virus.Win32.Expiro.ns
GData: Gen:Variant.Lazy.495633
Google: Detected
VBA32: Heur.Trojan.Hlux
ALYac: Gen:Variant.Lazy.495633
MAX: malware (ai score=83)
Malwarebytes: Generic.Malware.AI.DDS
Rising: Virus.Expiro!1.A140 (CLASSIC)
Ikarus: Virus.Win32.Expiro
Fortinet: W32/Expiro.CG
DeepInstinct: MALICIOUS
alibabacloud: Virus:Win/Expiro.AW(dyn)

How to remove Lazy.495633?

Lazy.495633 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.