
About “Razy.457980” infection

Razy.457980 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.457980 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Razy.457980?


File Info:

name: 1BB9F592B0BBB82333E7.mlw
path: /opt/CAPEv2/storage/binaries/e4ad0e8c6e946124d0ed1c1da86608b49cef3dd58b2cdd6e355e65663944025e
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: WXC Setup
FileVersion:
LegalCopyright:
ProductName: WXC
ProductVersion: 4.7
Translation: 0x0000 0x04b0

Razy.457980 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.457980
FireEye: Gen:Variant.Razy.457980
ALYac: Gen:Variant.Razy.457980
Cylance: Unsafe
Zillya: Dropper.Addrop.Win32.7584
Sangfor: Trojan.Win32.MalwareX.gen
K7AntiVirus: Trojan-Downloader ( 00519ebe1 )
Alibaba: TrojanDownloader:MSIL/Wirzemro.00e2f438
K7GW: Trojan-Downloader ( 00519ebe1 )
Cybereason: malicious.2b0bbb
BitDefenderTheta: Gen:NN.ZemsilF.34754.xm0@ayDrU@o
Cyren: W32/MSIL_Monetize.A.gen!Eldorado
Symantec: Trojan.Gen.2
ESET-NOD32: multiple detections
TrendMicro-HouseCall: TROJ_GEN.R03BC0DGR22
ClamAV: Win.Trojan.Generic-9909003-0
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Razy.457980
NANO-Antivirus: Trojan.Win32.Qhost.ezgnwm
Cynet: Malicious (score: 99)
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Avast: Win32:MalwareX-gen [Trj]
Emsisoft: Gen:Variant.Razy.457980 (B)
Comodo: Malware@#mcgxqlxcm8yr
VIPRE: Gen:Variant.Razy.457980
TrendMicro: TROJ_GEN.R03BC0DGR22
McAfee-GW-Edition: BehavesLike.Win32.AdwareFileTour.jc
Sophos: Generic PUA JE (PUA)
APEX: Malicious
GData: Gen:Variant.Razy.457980
Jiangmin: TrojanClicker.MSIL.nqv
Avira: HEUR/AGEN.1219018
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Arcabit: Trojan.Razy.D6FCFC
Microsoft: Trojan:MSIL/Wirzemro.B
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.C2977937
McAfee: Artemis!1BB9F592B0BB
VBA32: Trojan.Occamy
Malwarebytes: Adware.Csdimonetize
Ikarus: Trojan.MSIL.Wirzemro
Rising: Trojan.Wirzemro!8.ED76 (CLOUD)
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/Agent.DRY!tr.dldr
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/CI.A

How to remove Razy.457980?

Razy.457980 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
