How to remove “Razy.11545”?

Razy.11545 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Razy.11545 virus do?

  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Likely virus infection of existing system binary
  • Creates a copy of itself

How to identify Razy.11545?


File Info:

name: 27F3B7CF450067E1F1D7.mlw
path: /opt/CAPEv2/storage/binaries/d679b5918e930293efdb1c6d8715597564e28db1530aef8b1cc9ab27b29cea8c
crc32: 37AA4BEF
md5: 27f3b7cf450067e1f1d7f73a342dfa77
sha1: 3c795f97e79f996ac142035ef0c8e503286ae56e
sha256: d679b5918e930293efdb1c6d8715597564e28db1530aef8b1cc9ab27b29cea8c
sha512: 330005a1f12ade7420a4677d0f2c27830ae8e589f0c7551e836cf2f49466f01410751e59fa4804ff36c2118902fe06f82f8b709324ab46dccb5aec61cc26e111
ssdeep: 6144:Z4yt8EI3GSaVyF/a1is3NHRL+SAv4bJuKcj6xQx9RBP8sqwLcJjbXb:xi3Va1i6HRKSAGuKhap8sqwL0jD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FA74F6BCCD4154EEED82A178C416BBB3EBBD2154A3E860D75284B764287C8D4C97B70B
sha3_384: 61587a04401e1a9fe1e0dd817e2bc53c9d33c94934a5c7dfa0d99fe3d6e56fe4c4ddc761579e5c262ab7c591b2cb56d5
ep_bytes: 558bec83ec08535783cfff66013de8b3
timestamp: 2015-12-23 05:08:44

Version Info:

0: [No Data]

Razy.11545 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.11545
FireEye: Generic.mg.27f3b7cf450067e1
CAT-QuickHeal: Adware.Kazy.BC4
ALYac: Gen:Variant.Razy.11545
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 004db0c61 )
K7GW: Trojan ( 004da1e61 )
Cybereason: malicious.f45006
Cyren: W32/Nivdort.F.gen!Eldorado
Symantec: Trojan.Bayrob!gen6
ESET-NOD32: a variant of Win32/Bayrob.AQ
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.11545
NANO-Antivirus: Trojan.Win32.Dwn.dzonhv
Avast: Win32:Malware-gen
Tencent: Trojan.Win32.BitCoinMiner.la
Ad-Aware: Gen:Variant.Razy.11545
Emsisoft: Gen:Variant.Razy.11545 (B)
DrWeb: Trojan.DownLoader18.44671
TrendMicro: TROJ_BAYROB.SM1
McAfee-GW-Edition: BehavesLike.Win32.Generic.fh
Sophos: ML/PE-A + Troj/Nivdort-CZ
Ikarus: Trojan.Win32.Bayrob
GData: Gen:Variant.Razy.11545
Jiangmin: Trojan.Agent.nku
Avira: TR/Nivdort.Gen2
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.1661552
Microsoft: TrojanSpy:Win32/Nivdort.CW
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.R170875
McAfee: Trojan-FHPD!27F3B7CF4500
VBA32: BScope.TrojanSpy.Nivdort
Malwarebytes: Trojan.Bayrob.Generic
TrendMicro-HouseCall: TROJ_BAYROB.SM1
Rising: Malware.Heuristic!ET#100% (RDMK:cmRtazqlm+RLS5sEd5HbHef6cFbe)
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Bayrob.AQ!tr
BitDefenderTheta: AI:Packer.F1443FFE1E
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (D)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Razy.11545?

Razy.11545 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
