How to remove “Razy.672327”?

Razy.672327 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.672327 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Razy.672327?


File Info:

name: F896FD2230EC80959E01.mlw
path: /opt/CAPEv2/storage/binaries/1876a63391a12016b8b5ae4fb7cc67d0f1ab163f51c673a79ee98e01fe01055f
crc32: 10815AD0
md5: f896fd2230ec80959e01c4d3ede8cd70
sha1: 02a15f21a6f9664d1c7923228d24051bcf6afa0f
sha256: 1876a63391a12016b8b5ae4fb7cc67d0f1ab163f51c673a79ee98e01fe01055f
sha512: 9bbe552ecf9f33b41656068513516469c6c068b99fb76babdfc00f0252bdf13c7d3a9dfdffcb46c18f73fa3b771f3b887fa053008b74b2e38a6d08e6f8bfe7b6
ssdeep: 3072:voTMwtSRo6lhc7NEZgxgRmGGB1jGKGbhgoaKbeRDuoRlAwKBb9RkxYJ:QowtqoqMEOOmGGfjGRioCRDjRlA1Rkx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B115E6A77417F496C7414AB009B180F132EA7DFD28A4CD896A85F74DB5B3AC19E0B372
sha3_384: b3e05193de57c36f5188daceb577242e2cb3221ee8488afa0a8386c085f0401abf8b10a5502982cc1d2aafdaa6362bdb
ep_bytes: ff250020400000000000000000000000
timestamp: 2012-06-23 11:12:56

Version Info:

Translation: 0x0000 0x04b0
Comments: Rats Server Injector Into Any File
CompanyName: BD2 Co.
FileDescription: BD2.Net Injector
FileVersion: 1.0.0.0
InternalName: BD2.Net Injector.exe
LegalCopyright: Copyright © BD2 Co. 2012
OriginalFilename: BD2.Net Injector.exe
ProductName: BD2.Net Injector
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Razy.672327 also known as:

Lionic: Trojan.MSIL.Agent.4!c
DrWeb: Trojan.DownLoader13.48480
CAT-QuickHeal: Trojan.PhonzyFC.S18874735
ALYac: Gen:Variant.Razy.672327
Malwarebytes: Backdoor.Bot
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.MSIL.Agent.OSY
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Variant.Razy.672327
K7GW: Trojan ( 700000121 )
K7AntiVirus: Trojan ( 700000121 )
VirIT: Trojan.Win32.MSIL3.AJUO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/Agent.OSY
Kaspersky: Trojan.MSIL.Agent.fnln
Alibaba: Trojan:MSIL/Generic.f6d59ff5
NANO-Antivirus: Trojan.Win32.Generic.ctyrkp
SUPERAntiSpyware: Backdoor.Bot/Variant
MicroWorld-eScan: Gen:Variant.Razy.672327
Ad-Aware: Gen:Variant.Razy.672327
Emsisoft: Gen:Variant.Razy.672327 (B)
Comodo: Malware@#3ctjaty7fn66n
Zillya: Trojan.Agent.Win32.525722
TrendMicro: TROJ_GEN.R014C0OJG21
McAfee-GW-Edition: GenericRXKU-EB!F896FD2230EC
FireEye: Gen:Variant.Razy.672327
Sophos: Mal/MSIL-RX
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/MSIL.fgro
Webroot: W32.Trojan.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.AAC987
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Trojan.Razy.DA4247
GData: Gen:Variant.Razy.672327
AhnLab-V3: Trojan/Win32.Agent.C740510
McAfee: GenericRXKU-EB!F896FD2230EC
VBA32: Trojan.MSIL.Agent
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R014C0OJG21
Tencent: Malware.Win32.Gencirc.114c571d
Yandex: Trojan.Agent!N1tveij9Gl8
Ikarus: Trojan.MSIL.Agent
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Dropper-gen [Drp]
Cybereason: malicious.230ec8
Avast: Win32:Dropper-gen [Drp]

How to remove Razy.672327?

Razy.672327 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
