Razy.584391 (file analysis)

The Razy.584391 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.584391 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Razy.584391?


File Info:
name: 0FFEDA379E95927026ED.mlw
path: /opt/CAPEv2/storage/binaries/a7bc8ce90baab954100c642e29dbd3d963805d98ac38d731d92bf6533f73882d
crc32: 56925503
md5: 0ffeda379e95927026eda303ebad416a
sha1: 208c3c776b8729719c9b27d681d8109b331491e3
sha256: a7bc8ce90baab954100c642e29dbd3d963805d98ac38d731d92bf6533f73882d
sha512: 18f91284d07e9ed0ff440db48143c3bd7b70160e79a77bf778e303479968c9aec001570097497896c6010711531c6ea881d331c38ef7ab3391855b67619e13a0
ssdeep: 1536:r84YWac+abptsy5VyYc/9n1RcGxzeeUVn9KyQgHo0JuresehaA1VUF:rN1r9KGI04CCAP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15F73D91813583253C73E95331CA6DA8BAF78D307D65607B779DAE5E828C27B8E3016B4
sha3_384: 28bf8e11b227659bb3b5bcdabe8e2f3087fb00d7b9ae1e3ffaed325a01e4476d64bddcd1e3d5228ab42dbf1576dd625a
ep_bytes: 518d042450ff150020400050ff150c20
timestamp: 2014-03-06 19:54:12

Version Info:
0: [No Data]

Razy.584391 also known as:

Lionic	Trojan.Win32.Razy.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.584391
FireEye	Gen:Variant.Razy.584391
ALYac	Gen:Variant.Razy.584391
Cylance	Unsafe
Sangfor	Suspicious.Win32.Razy.584391
Alibaba	TrojanDropper:Win32/Generic.7cbf4487
Cybereason	malicious.79e959
Paloalto	generic.ml
BitDefender	Gen:Variant.Razy.584391
APEX	Malicious
Emsisoft	Gen:Variant.Razy.584391 (B)
McAfee-GW-Edition	BehavesLike.Win32.Almanahe.lm
Sophos	Generic PUA CA (PUA)
Ikarus	Trojan.Dropper
MAX	malware (ai score=86)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Razy.584391
McAfee	Artemis!0FFEDA379E95
Malwarebytes	Generic.Malware/Suspicious
Avast	Win32:Malware-gen
MaxSecure	Trojan.Malware.111585537.susgen
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Razy.584391?

Razy.584391 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X