About “Razy.674154 (B)” infection

Razy.674154 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.674154 (B) virus do?

  • Presents an Authenticode digital signature
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX

How to identify Razy.674154 (B)?

File Info:

crc32: FD9134C6
md5: ba25aebb638b90aa89bb5e41da004e9f
name: BA25AEBB638B90AA89BB5E41DA004E9F.mlw
sha1: b2f56ec26a30ff41c396f8f1cb5e420499c5e518
sha256: 66831ffdef6d7ddd7e4f37fedd666683c5b65bc226a30217edaf47ee39b91fb8
sha512: 5c392fa3862353dfeef263c5c82f7a23adf0bce151e2d3a6ee8c47d0e942aa0a53fddbc1acd67c74218653e516355221eb3f62a2dbceb429c309a07f10fa8398
ssdeep: 768:C1f07uX579b/lguOuFoB4pmJz99UzIkVgJ831OaAzkciWLK:C1c7U57gnu8nJB9UzIkVgU/cT+
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: 软件仅供技术交流，请勿用于商业及非法用途，如产生法律纠纷与本人无关
InternalName: xing
FileVersion: 4.0.1.2
CompanyName: xing
LegalTrademarks: xing
ProductName: xing
ProductVersion: 4.0.1.2
FileDescription: xing
OriginalFilename: xing
Translation: 0x0804 0x0000

Razy.674154 (B) also known as:

ALYac: Gen:Variant.Razy.674154
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (W)
BitDefender: Gen:Variant.Razy.674154
Cybereason: malicious.b638b9
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
TotalDefense: Win32/Oflwr.A!crypt
MicroWorld-eScan: Gen:Variant.Razy.674154
Ad-Aware: Gen:Variant.Razy.674154
Sophos: Generic PUA LC (PUA)
BitDefenderTheta: Gen:NN.ZexaF.34628.dmMfau!dNWhb
McAfee-GW-Edition: GenericRXMA-QI!019536BE2DF3
FireEye: Gen:Variant.Razy.674154
Emsisoft: Gen:Variant.Razy.674154 (B)
Microsoft: Program:Win32/Wacapew.C!ml
Gridinsoft: Trojan.Win32.Packed.dd!n
Arcabit: Trojan.Razy.DA496A
GData: Win32.Trojan.Agent.WP
AhnLab-V3: Malware/Win32.Generic.C4364621
McAfee: Artemis!BA25AEBB638B
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.AI.630807843
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Agent.WP!tr

How to remove Razy.674154 (B)?

Razy.674154 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
