Razy.377872 (B) malicious file

The Razy.377872 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Razy.377872 (B) virus can do?

Attempts to connect to a dead IP:Port (2 unique times)
Creates RWX memory
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Performs some HTTP requests
Attempts to remove evidence of file being downloaded from the Internet
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
A system process is generating network traffic likely as a result of process injection
Installs itself for autorun at Windows startup
Creates a hidden or system file
Creates a copy of itself

Related domains:

milliaoin.info

lionoi.adygeya.su

ionoiddi.mangyshlak.su

missidiowi.xyz

io90s8dudi.xyz

How to determine Razy.377872 (B)?


File Info:
crc32: 133332A2
md5: f166e6dd969ec235ba9623c8f4fe04d4
name: F166E6DD969EC235BA9623C8F4FE04D4.mlw
sha1: 8f2acae30a77387db49af93ebd4b014b8e102d29
sha256: 2bf26fe0f26585989ff9c23160867c05fbb817f6565266ce9faeda9291b4b89b
sha512: 498c59a1563b2d39fd96a26ef6ed08f8a709f82a43f79202fc62f7a5650ef5ea380063b178137b81fca373537c351a1abe5ec5e7a0f0938dd2e8bd306f9d42a0
ssdeep: 3072:3DuzntrT8uRAhEhzxIwakk8m0EEeu0yvvRAg0FujT0xwG2rE40leJT:zuzntrHbZx3a/0Ek02AOf0KrE7st
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
InternalName: sgfnghmj.exe

Razy.377872 (B) also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0053d5971 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.25976
MicroWorld-eScan	Gen:Variant.Razy.377872
ALYac	Gen:Variant.Razy.377872
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/Kryptik.b2940e92
K7GW	Trojan ( 0053d5971 )
Cybereason	malicious.d969ec
Cyren	W32/GandCrypt.F.gen!Eldorado
Symantec	Trojan Horse
ESET-NOD32	a variant of Win32/Kryptik.GJUP
APEX	Malicious
Avast	Win32:MalwareX-gen [Trj]
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Razy.377872
NANO-Antivirus	Trojan.Win32.Propagate.fhsxok
ViRobot	Trojan.Win32.GandCrab.254976
Tencent	Win32.Trojan.Generic.Eawk
Ad-Aware	Gen:Variant.Razy.377872
Sophos	Mal/Generic-S + Mal/GandCrab-B
Comodo	TrojWare.Win32.Ransom.Gandcrab.GJ@7tcda3
BitDefenderTheta	Gen:NN.ZexaF.34790.nu0@au9Vn4dG
McAfee-GW-Edition	BehavesLike.Win32.MultiPlug.dh
FireEye	Generic.mg.f166e6dd969ec235
Emsisoft	Gen:Variant.Razy.377872 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.GandCrypt.dx
Avira	HEUR/AGEN.1103434
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASMalwS.27C2F7E
Microsoft	Trojan:Win32/Occamy.C2B
GData	Gen:Variant.Razy.377872
AhnLab-V3	Win-Trojan/Gandcrab07.Exp
Acronis	suspicious
McAfee	Packed-FKN!F166E6DD969E
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Fuerboos
Malwarebytes	Trojan.Agent
Panda	Trj/GdSda.A
Rising	Trojan.Generic@ML.100 (RDML:1jEyHbsSycJNkJwo3XJsnA)
Yandex	Trojan.GenAsa!d4BH8v4g1xs
Ikarus	Trojan.Win32.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.CHZN!tr
AVG	Win32:MalwareX-gen [Trj]
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Generic.HgIASOYA

How to remove Razy.377872 (B)?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Razy.377872 (B) malicious file