Lazy.80542 information

Lazy.80542 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Lazy.80542 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Anomalous binary characteristics

How to identify Lazy.80542?

File Info:

name: 4566DFC0A64E33368F51.mlw
path: /opt/CAPEv2/storage/binaries/842fccec7f7f23c777d4b8b0dca470043f4727ce9c53cdf3a0cea859957550b9
crc32: 6328EA7F
md5: 4566dfc0a64e33368f51a55f0b4113c4
sha1: 300781de4570574874f646772de60c3d0b0adab6
sha256: 842fccec7f7f23c777d4b8b0dca470043f4727ce9c53cdf3a0cea859957550b9
sha512: 058e6fbbfb9ff9bb9779030b8fbe10c5230573f41d7f5a12ab1d91b974ee43b4e8541631af2ca65c5e6ec347f282082d70e0bb77217ca472828d8048703c5bc7
ssdeep: 24576:9xFYGY9+9d/G7P9lkQ/exnzGn4dLsUvqkaT+0BpCCh+PDedNdUhZuIBWcy0:ON26FOnzGn6LJvqkwnpC+mWd6uIccj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T125851243F792D0B1D8A900B405668BB64F757D3297BAC4F36FD0796E9E303D0A63264A
sha3_384: 7efbb2fe2f70937b7cf1419d2aadfa829e5786a474a31a0188d4077159dab65b3f2295ac47711cd81629148ab092872b
ep_bytes: e8a61d0000e989feffff8bff565733f6
timestamp: 2012-06-14 16:16:10

Version Info:

Comments: Created with Setup Factory
FileDescription: Setup Application
FileVersion: 9.1.0.0
InternalName: suf_launch
LegalCopyright: Setup Engine Copyright © 2004-2012 Indigo Rose Corporation
LegalTrademarks: Setup Factory is a trademark of Indigo Rose Corporation.
OriginalFilename: suf_launch.exe
ProductName: Setup Factory Runtime
ProductVersion: 9.1.0.0
Translation: 0x0409 0x04e4

Lazy.80542 also known as:

Lionic: Trojan.Win32.Lazy.4!c
MicroWorld-eScan: Gen:Variant.Lazy.80542
FireEye: Gen:Variant.Lazy.80542
McAfee: Artemis!4566DFC0A64E
APEX: Malicious
BitDefender: Gen:Variant.Lazy.80542
Ad-Aware: Gen:Variant.Lazy.80542
McAfee-GW-Edition: Artemis
Emsisoft: Gen:Variant.Lazy.80542 (B)
GData: Gen:Variant.Lazy.80542
MAX: malware (ai score=82)
Gridinsoft: Ransom.Win32.Sabsik.sa
ALYac: Gen:Variant.Lazy.80542
TrendMicro-HouseCall: TROJ_GEN.R002H09LB21
MaxSecure: Trojan.Malware.121218.susgen

How to remove Lazy.80542?

Lazy.80542 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
