
Lazy.87277 removal


Lazy.87277 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Lazy.87277 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • CAPE detected the CryptBot malware family
  • Attempts to identify installed AV products by installation directory
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Lazy.87277?


File Info:

name: DAB59D4C2B2712C44B81.mlw
path: /opt/CAPEv2/storage/binaries/3f8d537185338aac8628e106d84d3c24e04049856aaab14530936d7c7b877881
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-11 02:10:37

Version Info:

FileVersion: 8, 5, 9, 5
Comments: Ungallantness
CompanyName: Circumscissile
InternalName: Chichipate
Essene: Speciation
Nonalcohol: Tremolant
Irenicon: Hasan
Iconometry: Unstamped
Zamouse: Photonastic
Perpetualness: Lipoxeny
Sulfonephthalein: Fumarole
Ablepharous: Acetosity
Toadlike: Coronize
Moonja: Exhalation
Ectrogenic: Rabbitwood
Casuistic: Kamachile
Gargoylish: Contortive
Impostorship: Unmaze
Orpheum: Phantasiast
Versioner: Kitamat
Pir: Trisaccharose
Jaculiferous: Mennonist
Bidding: Gonadotropic
Citywards: Interpolatively
Urinomancy: Undersatisfaction
Overgeneral: Unconformableness
Akasa: Postlachrymal
Recirculate: Parthenogonidium
Coelastrum: Fumarole
Cystogenesis: Epiparasite
Effable: Disproportionateness
Wheyish: Hemiageusia
Rectorate: Acurative
Faradomuscular: Uranostaphyloplasty
Paysagist: Sudoriferous
Fibrohemorrhagic: Encamp
Pollbook: Flanked
Reki: Schellingism
Reworked: Bicorne
Remould: Senlac
Phosphorite: Sketchee
Trottles: Succussion
Catholicalness: Habronema
Wabby: Julian
Warnish: Warnish
Achlamydate: Chaetopoda
Elementalist: Beadsman
Hormigo: Gardenmaker
Scryer: Ascidium
Incommunicatively: Mourningly
Phytoecological: Gewgawish
Backswept: Toxically
Threadfin: Lactyl
Pneumatocystic: Demosthenic
Myectomy: Velometer
Galvanoplastics: Modificative
Temporaneousness: Unsister
Dichotomal: Sparid
Spellwork: Abdest
LegalTrademarks: Eruptiveness
PrivateBuild: Redecimate
Translation: 0x0409 0x04e4

Lazy.87277 is also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Lazy.87277
FireEye: Generic.mg.dab59d4c2b2712c4
ALYac: Gen:Variant.Lazy.87277
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058b9521 )
Alibaba: Trojan:Win32/SelfDel.6d6958a6
K7GW: Trojan ( 0058b9521 )
Cybereason: malicious.c2b271
VirIT: Trojan.Win32.Agent.BWB
Cyren: W32/Kryptik.FYC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FMYD
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.SelfDel.hvzx
BitDefender: Gen:Variant.Lazy.87277
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Selfdel.Wugz
Ad-Aware: Gen:Variant.Lazy.87277
Emsisoft: Gen:Variant.Lazy.87277 (B)
DrWeb: Trojan.DownLoader44.14504
TrendMicro: TROJ_GEN.R002C0WLB21
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Lazy.87277
Avira: TR/AD.GenSteal.tfrva
Gridinsoft: Ransom.Win32.Wacatac.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.C4834395
McAfee: Artemis!DAB59D4C2B27
MAX: malware (ai score=86)
VBA32: BScope.Trojan.SelfDel
TrendMicro-HouseCall: TROJ_GEN.R002C0WLB21
Rising: Trojan.GenKryptik!8.AA55 (CLOUD)
Yandex: Trojan.SelfDel!jF7abmZ7UOM
Fortinet: W32/Kryptik.HNPV!tr
BitDefenderTheta: AI:Packer.6D46E3E721
AVG: Win32:TrojanX-gen [Trj]
Panda: Generic Suspicious
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Lazy.87277?

Lazy.87277 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
