Razy.432059 (B) malicious file

Razy.432059 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete the scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.432059 (B) virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify Razy.432059 (B)?


File Info:

name: D6DB9E2DB747C9C5C55D.mlw
path: /opt/CAPEv2/storage/binaries/9a54307cbd059a69db9a748489d889f77ee6809105def154a4b8231df1089fda
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-11-13 14:13:43

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: hidden-tear-decrypter
FileVersion: 1.0.0.0
InternalName: hidden-tear-decrypter.exe
LegalCopyright: Copyright © 2015
LegalTrademarks:
OriginalFilename: hidden-tear-decrypter.exe
ProductName: hidden-tear-decrypter
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Razy.432059 (B) also known as:

Vendor                  Detection name
Lionic                  Trojan.Win32.Razy.4!c
MicroWorld-eScan        Gen:Variant.Razy.432059
FireEye                 Generic.mg.d6db9e2db747c9c5
McAfee                  Artemis!D6DB9E2DB747
Cylance                 Unsafe
VIPRE                   Trojan.Win32.Generic!BT
Alibaba                 Ransom:Application/FileCrypter.f1afcb19
BitDefenderTheta        Gen:NN.ZemsilF.34294.nm0@aGiGnDn
Symantec                Ransom.HiddenTear!g1
BitDefender             Gen:Variant.Razy.432059
SUPERAntiSpyware        Trojan.Agent/Generic
Ad-Aware                Gen:Variant.Razy.432059
Emsisoft                Gen:Variant.Razy.432059 (B)
Sophos                  Generic PUA DO (PUA)
SentinelOne             Static AI – Suspicious PE
GData                   Gen:Variant.Razy.432059
Microsoft               Trojan:Win32/Wacatac.B!ml
ALYac                   Gen:Variant.Razy.432059
MAX                     malware (ai score=100)
Malwarebytes            Ransom.HiddenTearDecrypter
TrendMicro-HouseCall    TROJ_GEN.R002C0OKO21
Ikarus                  Trojan-Ransom.FileCrypter
Fortinet                PossibleThreat

How to remove Razy.432059 (B)?

Razy.432059 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
