
Should I remove “Razy.673723”?


Razy.673723 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.673723 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Razy.673723?


File Info:

name: 17EA5475737EB0A3520D.mlw
path: /opt/CAPEv2/storage/binaries/2fd8555312ef91504ab64d4b4a0df65c79c5e73589c04ec2d301c589d43f2038
crc32: 71827064
md5: 17ea5475737eb0a3520d7b425ae6e449
sha1: 1c2908c72703f014df78eece8528b5c0a15d9c19
sha256: 2fd8555312ef91504ab64d4b4a0df65c79c5e73589c04ec2d301c589d43f2038
sha512: 23e4135e83a92af40eb9a908926de63c3fe9ff2806b0d2ad3f79e931fc672f6ee4721e30250ac8813a4e899b14f199fc82f27d1921343603436e156893457440
ssdeep: 3072:F2SsihOHujBODVdlYkFkuOQMPWTAM3P+l9hbgSz:KiGQOZvYzQMPiAM0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18BF30210B2EF5865E87DC13410BB88964B2DFE555A68877F24053B273D337856AE33B8
sha3_384: 64262ceaad00ac44b8f3b03b6ff4e9a03cdbff784a15be0ea4558db8209bf319407fe5877b1dcb8419f8b5f81ac6bbed
ep_bytes: 558bec83ec205356576a006a006a006a
timestamp: 2002-04-27 15:22:35

Version Info:

FileDescription: GuardX KickOff Trayicon
LegalCopyright: Copyright © Ikarus Security Software GmbH 2007
InternalName: GuardX
ProductName: GuardX
CompanyName: Sun Microsystems, Inc.
FileVersion: 1.4.3.7
ProductVersion: 4.8.0.5
Translation: 0x0409 0x0000

Razy.673723 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Razy.673723
FireEye: Generic.mg.17ea5475737eb0a3
Skyhigh: BehavesLike.Win32.ZBot.cc
McAfee: PWS-Zbot.gen.qv
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Riskware ( 0015e4f11 )
Alibaba: TrojanSpy:Win32/FakeAV.d9c33045
K7GW: Riskware ( 0015e4f11 )
Cybereason: malicious.72703f
BitDefenderTheta: Gen:NN.ZexaF.36744.jO1@aS7yYFki
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Spy.Zbot.YW
APEX: Malicious
ClamAV: Win.Trojan.Zbot-36856
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.673723
NANO-Antivirus: Trojan.Win32.Kazy.wfnim
Avast: Win32:Evo-gen [Trj]
Rising: Malware.Undefined!8.C (TFE:1:Ggt2OUvDmNS)
Emsisoft: Gen:Variant.Razy.673723 (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen
DrWeb: Trojan.Packed.20771
VIPRE: Gen:Variant.Razy.673723
Trapmine: malicious.high.ml.score
Sophos: Mal/FakeAV-PV
Ikarus: Trojan-PWS.Win32.Zbot
GData: Gen:Variant.Razy.673723
Webroot: W32.Malware.Gen
Google: Detected
Avira: TR/Crypt.ZPACK.Gen
Antiy-AVL: Trojan/Win32.Unknown
Kingsoft: Win32.HeurC.KVMH008.a
Xcitium: Malware@#2c76uuycjqy9v
Arcabit: Trojan.Razy.DA47BB
ZoneAlarm: HEUR:Trojan.Win32.Generic
Cynet: Malicious (score: 100)
VBA32: Malware-Cryptor.Limpopo
ALYac: Gen:Variant.Razy.673723
MAX: malware (ai score=97)
Panda: Generic Malware
Tencent: Win32.Trojan.Crypt.Wwhl
Yandex: TrojanSpy.Zbot!3+qlwZ0An1c
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Shiz.NCF!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Razy.673723?

Razy.673723 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
