Razy.570067 removal tips

Razy.570067 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.570067 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Created a process from a suspicious location

How to identify Razy.570067?


File Info:

name: 1F91809EEE79FA312B88.mlw
path: /opt/CAPEv2/storage/binaries/6cab963718b509309a0c14385cea3f1242ff72bf725e2b413060639c2047ee38
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-10-02 07:48:50

Version Info:

FileDescription:
FileVersion: 1.0.0.0
InternalName: hdnfk.exe
LegalCopyright:
OriginalFilename: hdnfk.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0
Translation: 0x0000 0x04b0

Razy.570067 also known as:

Lionic: Hacktool.MSIL.ArchSMS.m3Bz
DrWeb: Trojan.MulDrop4.3486
MicroWorld-eScan: Gen:Variant.Razy.570067
FireEye: Generic.mg.1f91809eee79fa31
ALYac: Gen:Variant.Razy.570067
Cylance: Unsafe
Sangfor: Riskware.Win32.ArchSMS.ovll
K7AntiVirus: Trojan ( 003b361f1 )
Alibaba: RiskWare:Win32/ArchSMS.a8b34b32
K7GW: Trojan ( 003b361f1 )
Cybereason: malicious.eee79f
BitDefenderTheta: Gen:NN.ZemsilF.34084.gm0@aOLnr7g
VirIT: Trojan.Win32.FakeAV.AIOO
Cyren: W32/MSIL_SMS.B.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/Hoax.ArchSMS.BD
TrendMicro-HouseCall: TROJ_GEN.R002C0PLA21
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-889359
Kaspersky: Hoax.Win32.ArchSMS.ovll
BitDefender: Gen:Variant.Razy.570067
NANO-Antivirus: Trojan.Win32.Agent.edcvtt
ViRobot: Trojan.Win32.Z.Razy.105472.EW
Avast: Win32:GenMaliciousA-ERN [Adw]
Tencent: Malware.Win32.Gencirc.10cf486e
Ad-Aware: Gen:Variant.Razy.570067
Emsisoft: Gen:Variant.Razy.570067 (B)
Comodo: ApplicUnsaf.Win32.Hoax.ArchSMS.OVLL@4rfpaa
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: TROJ_GEN.R002C0PLA21
McAfee-GW-Edition: Generic BackDoor.afb
Sophos: Mal/Generic-S
GData: Gen:Variant.Razy.570067
Jiangmin: TrojanDropper.MSIL.itf
Avira: APPL/SMSHoax.879958
Antiy-AVL: HackTool[Hoax]/Win32.ArchSMS
Arcabit: Trojan.Razy.D8B2D3
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3: Dropper/Win32.Agent.R38874
McAfee: Generic BackDoor.afb
MAX: malware (ai score=84)
VBA32: Hoax.ArchSMS.ov
Malwarebytes: Malware.AI.561206648
APEX: Malicious
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: Riskware/ArchSMS
AVG: Win32:GenMaliciousA-ERN [Adw]
Panda: Trj/CI.A

How to remove Razy.570067?

Razy.570067 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
