Lazy.68761 removal tips

Lazy.68761 is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Lazy.68761 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • CAPE detected the CryptBot malware family
  • Attempts to identify installed AV products by installation directory
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Lazy.68761?

File Info:

name: 1A2FD99109D654FC7A0C.mlw
path: /opt/CAPEv2/storage/binaries/49e4125972f8c9e7fb64178c8c02f5467f10eecdb903c095e7280dd3ebe233f3
crc32: 510CC70E
md5: 1a2fd99109d654fc7a0cfc622f9cfc9e
sha1: 5bb4c831bd7053b51198d0df8dec09c24cf41799
sha256: 49e4125972f8c9e7fb64178c8c02f5467f10eecdb903c095e7280dd3ebe233f3
sha512: 45570b46178483f76f866b87200cca88360f4dc73e98a7d0767f358be591173115cade1949aaa0c40b534c7b0829a6d6c079d3cd010217ed3aba1adaeb25d821
ssdeep: 12288:Bdrj7/Q3okMjA2b74SIfOvb4MhCBaymTo7b:B5Ey5I2vb5tRgb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1909529A3AF7B57ACE409CEB9DD50274963F05C0852630BC715A432B7ED286CB7E71622
sha3_384: d0f650f33cdc1d316addf40836110fa39c4a8edc0d6876ed1ef43e39a38651d18d01795ef19c00875f38eeaac3b4a7f9
ep_bytes: 6837970fda588d42546800000000ff15
timestamp: 2021-11-29 04:31:27

Version Info:

CompanyName: Symantec Corporation
FileDescription: Symantec Shared Component Scanner Stub
FileVersion: 18.1.0.37
InternalName: Navwnt
LegalCopyright: Copyright © 2010 Symantec Corporation. All rights reserved.
OriginalFilename: Navwnt.exe
ProductName: Symantec Shared Component
ProductVersion: 18.1
Product Date: 08/14/2010
Translation: 0x0409 0x04b0

Lazy.68761 is also known as (vendor: detection name):

DrWeb: Trojan.DownLoader44.7873
Cynet: Malicious (score: 100)
FireEye: Generic.mg.1a2fd99109d654fc
ALYac: Gen:Variant.Lazy.68761
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
CrowdStrike: win/malicious_confidence_80% (W)
Alibaba: Trojan:Win32/SelfDel.8e0b0f6e
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
BitDefenderTheta: Gen:NN.ZexaF.34084.5r2@aOg6zyni
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNNM
TrendMicro-HouseCall: TROJ_GEN.R067C0GL621
Paloalto: generic.ml
Kaspersky: Trojan.Win32.SelfDel.hvoo
BitDefender: Gen:Variant.Lazy.68761
MicroWorld-eScan: Gen:Variant.Lazy.68761
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Selfdel.Dxnj
Ad-Aware: Gen:Variant.Lazy.68761
Sophos: Mal/Generic-S
TrendMicro: TROJ_GEN.R067C0GL621
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Gen:Variant.Lazy.68761 (B)
Ikarus: Trojan-Spy.Win32.CoinStealer
GData: Win32.Trojan-Stealer.CoinStealer.OCSCIZ
Avira: TR/AD.GenSteal.fxkcn
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Lazy.D10C99
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.CryptBot.C4793957
Acronis: suspicious
McAfee: Artemis!1A2FD99109D6
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Diple
Malwarebytes: Trojan.MalPack
APEX: Malicious
Rising: Trojan.Kryptik!1.DAA1 (CLASSIC)
Yandex: Trojan.SelfDel!UnSiqoI6MIg
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.133126562.susgen
Fortinet: PossibleThreat.PALLASNET.H
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A

How to remove Lazy.68761?

Lazy.68761 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.