What is “Razy.511934”?

The Razy.511934 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.511934 virus can do?

Executable code extraction
Creates RWX memory
The binary likely contains encrypted or compressed data.
Installs itself for autorun at Windows startup
Created a service that was not started
Anomalous binary characteristics

How to determine Razy.511934?


File Info:
crc32: 9F01AA5A
md5: 8f3fff0d268127ef36b9ed0615968149
name: 131.exe
sha1: bbe3af5c7fb35a1f06f0fe90b11b4db50c5c4dd0
sha256: a72c4e8669227484f758ad314540f5c689d5edd2e9209dfaf0c286c23835aaa7
sha512: d16e40e6d43464b2f7e5865b60980f622ee8f8c243e565f439df282a858e355e96ca4a1c58415974d88b3bfc095ce07a627e80860ae9eb6f5b563ef96909d62f
ssdeep: 49152:2/wXboxmumo4zl+KzZ8Xfoo3DlHggvMjm6ZGCs:EG7z8UiPbHgwVgts
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright(c) 2007 Corel Corporation
CompanyName: Corel   Corporation
Built on: Fri 12/14/2007 16:45:14.17
LegalTrademarks: Copyright(c) 2007 Corel Corporation
ProductName: Corel Common Framework
ProductVersion: 7.5.0.375
OriginalFilename: DIMIntl.dll
Translation: 0x0409 0x04e4

Razy.511934 also known as:

Bkav	W32.AIDetectVM.malware1
FireEye	Generic.mg.8f3fff0d268127ef
CAT-QuickHeal	Trojan.DynamerCS.S42162
McAfee	Ransomware-GCQ!8F3FFF0D2681
Cylance	Unsafe
Zillya	Trojan.Yakes.Win32.61196
Sangfor	Malware
K7AntiVirus	Trojan ( 005224381 )
BitDefender	Gen:Variant.Razy.511934
K7GW	Trojan ( 005224381 )
CrowdStrike	win/malicious_confidence_100% (W)
TrendMicro	Ransom_HPCERBER.SMALY5A
F-Prot	W32/S-2c85b7ba!Eldorado
Symantec	Packed.Generic.459
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
GData	Gen:Variant.Razy.511934
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Trojan:Win32/Kryptik.875c8ce5
NANO-Antivirus	Trojan.Win32.Yakes.ejcpjq
ViRobot	Trojan.Win32.Z.Razy.1988608.A
AegisLab	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Razy.511934
Tencent	Malware.Win32.Gencirc.114b27b2
Ad-Aware	Gen:Variant.Razy.511934
Sophos	Mal/Generic-S
F-Secure	Heuristic.HEUR/AGEN.1108103
DrWeb	Trojan.Ssebot.2
VIPRE	Trojan.Win32.Generic!BT
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Variant.Razy.511934 (B)
Ikarus	Trojan.Win32.SpamTool
Cyren	W32/S-2c85b7ba!Eldorado
Jiangmin	Trojan.Yakes.tih
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1108103
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Yakes
Endgame	malicious (high confidence)
Arcabit	Trojan.Razy.D7CFBE
SUPERAntiSpyware	Trojan.Agent/Gen-MalPack
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Dynamer!rfn
AhnLab-V3	Win-Trojan/Cerber.Gen
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34136.5r0@ai0PKhjO
ALYac	Gen:Variant.Razy.511934
VBA32	Trojan.Ssebot
Malwarebytes	Trojan.MalPack
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Kryptik.FKYI
TrendMicro-HouseCall	Ransom_HPCERBER.SMALY5A
Rising	Trojan.Kryptik!1.AE9C (CLOUD)
Yandex	Trojan.Ssebot!
SentinelOne	DFI – Malicious PE
eGambit	Generic.Malware
Fortinet	W32/Kryptik.FQRH!tr
AVG	Win32:Malware-gen
Avast	Win32:Malware-gen
Qihoo-360	HEUR/QVM20.1.859F.Malware.Gen

How to remove Razy.511934?

Razy.511934 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X