Razy.562853 (B) removal

Malware Removal

Razy.562853 (B) is flagged as malicious by most of the antivirus engines listed below. Note that Gen:Variant.Razy.* is a generic heuristic name from the BitDefender engine (also used by ALYac, eScan, Ad-Aware, Emsisoft, GData and Arcabit), not the name of a specific family; engines that classify the same file by content or behaviour label it variously as a Krap-packed executable, a Qakbot/Qbot backdoor, a FakeSpypro rogue antivirus or Zbot. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware manually can take hours and can damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial version allows a full scan and cleanup of the PC.
6-day free trial available.

What can Razy.562853 (B) do?

  • Behavioural detection: executable code extraction (unpacking)
  • YARA rule detections observed on a process memory dump, dropped files or CAPE output
  • Creates RWX memory (read-write-execute pages, as used when a packer writes code into memory and then runs it)
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid

These are the behavioural signatures raised by the CAPE sandbox run recorded below, not an exhaustive list of the sample's capabilities.

How to identify Razy.562853 (B)?

File Info (from the CAPE sandbox record):

name: CCACBD2AAA9710096907.mlw
path: /opt/CAPEv2/storage/binaries/7988447d174c69ae958c0906ce84a28f27c371bce4eabadab2a780a42b24e0c8
crc32: 4BF284B3
md5: ccacbd2aaa97100969071436ab87e42c
sha1: 5f5c8737a2ecd2bd20d9a916b9c729206cf74afc
sha256: 7988447d174c69ae958c0906ce84a28f27c371bce4eabadab2a780a42b24e0c8
sha512: f0143dcbb907607f7a35b79f75bd205ca57072a461806d34a04cd03a8227ac1bfa5dd83f6af82e6a5fce843c9e73becb8daaf59638cf1123331ecfe4ae2c5122
ssdeep: 6144:aVWj2Tg2AzaGAXvHiT6Z25mQboMz8+yhL9d09LW/LgBgO4t9bwVuhrvWb/AatN:aVWmfAzKHiT6Z2JoMz8+On0pW8+9lhyH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F294CF13AA580386D13E8F3011FD4B09F675D5387B5B078B566DBA7AE8813C27E0369E
sha3_384: 1dea7a5cd3db5ac7669354058b9f15758e234fd72e1ee67353709a689274144da64a27119c6de0b8d6ce3f241ea462ab
ep_bytes: 55e970fbffff08200801080808200210
timestamp: 2006-07-07 15:58:43 (PE header compile timestamp; in a packed sample this value is easily forged and should not be trusted on its own)

Version Info (the string fields are pseudo-random Cyrillic characters rather than meaningful Russian text, as is common in packer-generated resources; they are reproduced as found):

CompanyName: СПрцРццРПБщломЖЖЖЛцъМнимпшЧл
FileDescription: еУОиБйлАаазЩИфЗойМЬВУАкРъ
FileVersion: 53.102.22.75
InternalName: ТзЮсугЫфнчсвПРрМътТШцкъбАПзжс
LegalCopyright: 3420-3843
OriginalFilename: dpoHTi.exe
ProductName: ОпЯЙиьтЙсЬпшфЗЮМеяЯшЮОзЛмКНГ
ProductVersion: 53.102.22.75
Translation: 0x04b0 0x0417
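The indicators above are most useful when turned into a small triage check. The following Python is an added example, not code from the original page and not part of CAPE or any vendor product: it hashes a candidate file and compares it against the hash set listed above, decodes the published entry-point bytes (`55 e9 70 fb ff ff`, i.e. `push ebp; jmp rel32`) to show the backward jump that packer entry stubs typically make, and checks that the indicator block is internally consistent (the storage path ends in the SHA-256, and the `.mlw` name is the first 20 hex digits of the MD5 upper-cased, as the values above show). The sample buffer in the `__main__` section is constructed for the demonstration and is not the malware.

```python
"""Added example: triage helpers built from the indicators on this page.

Not part of the original page or of any vendor tool. Hash values, the
entry-point bytes, the file name and the storage path are copied from the
"File Info" block; the benign buffer at the bottom is constructed here.
"""
import hashlib
import struct

# Indicators copied from the "File Info" block above.
IOC = {
    "md5": "ccacbd2aaa97100969071436ab87e42c",
    "sha1": "5f5c8737a2ecd2bd20d9a916b9c729206cf74afc",
    "sha256": "7988447d174c69ae958c0906ce84a28f27c371bce4eabadab2a780a42b24e0c8",
    "sha512": "f0143dcbb907607f7a35b79f75bd205ca57072a461806d34a04cd03a8227ac1bfa5dd83f6af82e6a5fce843c9e73becb8daaf59638cf1123331ecfe4ae2c5122",
}
EP_BYTES = "55e970fbffff08200801080808200210"
SAMPLE_NAME = "CCACBD2AAA9710096907.mlw"
SAMPLE_PATH = "/opt/CAPEv2/storage/binaries/7988447d174c69ae958c0906ce84a28f27c371bce4eabadab2a780a42b24e0c8"


def hash_file_bytes(data: bytes) -> dict:
    """Compute the four digests the sandbox record reports for a binary."""
    return {
        algo: hashlib.new(algo, data).hexdigest()
        for algo in ("md5", "sha1", "sha256", "sha512")
    }


def match_iocs(data: bytes, iocs: dict = IOC) -> list:
    """Return the names of every digest that matches the published IOCs.
    Comparison is case-insensitive because vendors print hashes both ways."""
    digests = hash_file_bytes(data)
    return [algo for algo, value in iocs.items() if digests[algo] == value.lower()]


def decode_ep_stub(ep_hex: str) -> dict:
    """Decode the first two instructions of the published entry-point bytes.

    The page shows 55 e9 70 fb ff ff ...: 'push ebp' followed by a near
    'jmp rel32'. The displacement is a signed 32-bit little-endian value taken
    relative to the end of the jmp (entry point + 6). A backward jump out of
    the entry stub into earlier code is typical of a packer/crypter entry."""
    code = bytes.fromhex(ep_hex)
    if code[0] != 0x55 or code[1] != 0xE9:
        raise ValueError("unexpected entry-point prologue")
    rel32 = struct.unpack_from("<i", code, 2)[0]
    return {
        "insn0": "push ebp",
        "insn1": f"jmp {rel32:+d}",
        # target = EP + len(push ebp) + len(jmp rel32) + rel32 = EP + 6 + rel32
        "jump_target_offset_from_ep": 6 + rel32,
        "jumps_backward": rel32 < 0,
    }


def ioc_set_is_consistent(iocs: dict = IOC) -> bool:
    """Sanity-check the indicator block before trusting it: the storage path
    must end in the SHA-256 and the file name must be derived from the MD5."""
    name_ok = SAMPLE_NAME == iocs["md5"][:20].upper() + ".mlw"
    path_ok = SAMPLE_PATH.rsplit("/", 1)[-1] == iocs["sha256"]
    return name_ok and path_ok


if __name__ == "__main__":
    # Constructed stand-in bytes (a benign MZ-prefixed buffer): no IOC should match.
    benign = b"MZ" + b"\x00" * 62
    print("matches for constructed buffer:", match_iocs(benign))
    print("entry stub:", decode_ep_stub(EP_BYTES))
    print("indicator block consistent:", ioc_set_is_consistent())
```

To use it on a real suspect file, read the file's bytes and pass them to `match_iocs`; a hit on any one digest is enough, since the four values describe the same file. The entry-point decoder is deliberately limited to the two opcodes visible on the page and refuses anything else rather than guessing.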

Razy.562853 (B) also known as:

Bkav: W32.AIDetect.malware2
Lionic: Hacktool.Win32.Krap.x!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.ccacbd2aaa971009
ALYac: Gen:Variant.Razy.562853
Cylance: Unsafe
VIPRE: Trojan.Win32.Nedsym.f (v)
Sangfor: Trojan.Win32.Krap.gx
K7AntiVirus: Trojan ( 0055dd191 )
Alibaba: VirTool:Win32/Obfuscator.f889520b
K7GW: Trojan ( 0055dd191 )
Cybereason: malicious.aaa971
VirIT: Trojan.Win32.Cryptic.ES
Cyren: W32/Qakbot.A.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Kryptik.EUP
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Packed.Win32.Krap.gx
BitDefender: Gen:Variant.Razy.562853
NANO-Antivirus: Trojan.Win32.FraudPack.bbjzhl
SUPERAntiSpyware: Trojan.Agent/Gen-FakeAV
MicroWorld-eScan: Gen:Variant.Razy.562853
Avast: Win32:MalOb-IJ [Cryp]
Tencent: Win32.Packed.Krap.Tbsm
Ad-Aware: Gen:Variant.Razy.562853
Emsisoft: Gen:Variant.Razy.562853 (B)
Comodo: MalCrypt.Indus!@1qrzi1
DrWeb: Trojan.Packed.20343
Zillya: Trojan.FraudPack.Win32.19503
TrendMicro: BKDR_QAKBOT.SMB
McAfee-GW-Edition: BehavesLike.Win32.Dropper.gh
Sophos: Mal/Generic-R + Mal/Qbot-B
SentinelOne: Static AI - Malicious PE
GData: Gen:Variant.Razy.562853
Jiangmin: Trojan/FraudPack.ton
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Packed]/Win32.Krap
Arcabit: Trojan.Razy.D896A5
ZoneAlarm: Packed.Win32.Krap.gx
Microsoft: Rogue:Win32/FakeSpypro
AhnLab-V3: Trojan/Win32.FraudPack.R9756
Acronis: suspicious
McAfee: PWS-Zbot.gen.aum
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: BKDR_QAKBOT.SMB
Rising: Dropper.Generic!8.35E (CLOUD)
Yandex: Trojan.FakeSpypro!5dA3n7+FRco
Ikarus: Trojan-Spy.Win32.Zbot
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Krypt.A!tr.dldr
BitDefenderTheta: AI:Packer.ED63A0931F
AVG: Win32:MalOb-IJ [Cryp]
Panda: Trj/Krapack.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Razy.562853 (B)?

Razy.562853 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.