
Razy.616948 removal


Razy.616948 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.616948 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)

How to identify Razy.616948?

File Info:

name: 15C9396BEAE6B73885CD.mlw
path: /opt/CAPEv2/storage/binaries/70f6470a57e6062d41ace9b375284a7abf31fb730dc4128e6069a8874a727252
crc32: 94A8D87D
md5: 15c9396beae6b73885cd9b6883bfeec5
sha1: 060ecddaa85f17d05d3c8448f96096ed527b4f14
sha256: 70f6470a57e6062d41ace9b375284a7abf31fb730dc4128e6069a8874a727252
sha512: fe30a1cc6ac95d1786fef96960f8e98cd9b8b1ee60819e9acf13722bc48e1cb885d3cf49bcf95bd69e21699732adffee4f61f4a0e0a7ca736e390ca59f32cdbe
ssdeep: 768:rvts5A18mPvpEkwN8DUWnmHm39sn2wf3/E5ALVH2XhlTr:rvKAUN8DmHm39s2wfvE5ALIXhx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12923694228FB6F1DF921457E0F2E4B2B19C7FF3A86238A06876B1C917C086116D0E6D3
sha3_384: 5504e28903be1164449fa4d43ba258db03d579d3dbe4be8c507df9adfbb2a334342a0d20b9519e3ae190060d4b940ddf
ep_bytes: 60be00b040008dbe0060ffff5783cdff
timestamp: 2010-10-30 10:30:46

Version Info:

Translation: 0x0409 0x04b0
Comments:
CompanyName:
LegalCopyright:
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Project1
OriginalFilename: Project1.exe

Razy.616948 also known as:

Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.15c9396beae6b738
McAfee: Artemis!15C9396BEAE6
Cylance: Unsafe
VIPRE: Gen:Variant.Razy.616948
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0050d8661 )
Alibaba: Trojan:Win32/VBKrypt.3b62c7ca
K7GW: Trojan ( 0050d8661 )
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Injector.CUD
APEX: Malicious
ClamAV: Win.Trojan.5527193-1
Kaspersky: Trojan.Win32.VBKrypt.waz
BitDefender: Gen:Variant.Razy.616948
NANO-Antivirus: Trojan.Win32.VBKrypt.joewni
MicroWorld-eScan: Gen:Variant.Razy.616948
Avast: FileRepMalware [Trj]
Tencent: Win32.Trojan.Vbkrypt.Iqil
Ad-Aware: Gen:Variant.Razy.616948
Emsisoft: Gen:Variant.Razy.616948 (B)
Comodo: Malware@#1l1jux30qrzl8
Zillya: Trojan.Injector.Win32.503162
McAfee-GW-Edition: BehavesLike.Win32.MultiDropper.pc
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Ransom.PornoBlocker
GData: Gen:Variant.Razy.616948
Jiangmin: Backdoor/DarkKomet.csn
Webroot: W32.Trojan.VBKrypt.waz
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Arcabit: Trojan.Razy.D969F4
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
BitDefenderTheta: AI:Packer.A8620CBC20
ALYac: Gen:Variant.Razy.616948
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.VB.gen
Malwarebytes: Malware.Heuristic.1003
Rising: Trojan.VBKrypt!8.5C0 (CLOUD)
Yandex: Trojan.VBKrypt!iXCkQVIyLE4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.1509393.susgen
Fortinet: W32/Refroso.AGEA!tr
AVG: FileRepMalware [Trj]
Cybereason: malicious.beae6b
Panda: Generic Malware

How to remove Razy.616948?

Razy.616948 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
