Razy.696105 information

The Razy.696105 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.696105 virus can do?

Executable code extraction
Unconventionial language used in binary resources: Arabic
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Razy.696105?


File Info:
crc32: C56477CA
md5: a2b914550a41e6cb0bf86ed5bb57c944
name: A2B914550A41E6CB0BF86ED5BB57C944.mlw
sha1: 25a4e4028be16ddfda3dd8c3bbb4dab3d60b955e
sha256: fe37a9d86c419c2e880a421dd2eb831852cb2bbd93339a0ea2095be08e405dbb
sha512: b8ee6bc57320163a12eb9c514d64ceee49f29197ecb25214fd2dff6a29568ead9c1e4f7b0062b68c38e46defd009599a5cd6a2dc3949efb3288549bf50f825ea
ssdeep: 3072:U5yp79Gsl9Gosj30OwebgeQWddGP2pFjX/KIpqzDlH7Td+hntq:nl9GX3KWd7pY7TYt
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyright: Google Chrome
InternalName: scoro
FileVersion: 2.03.0001
CompanyName: Google Chrome
LegalTrademarks: Google Chrome
Comments: Google Chrome
ProductName: Google Chrome
ProductVersion: 2.03.0001
FileDescription: Google Chrome
OriginalFilename: scoro.exe

Razy.696105 also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader12.53817
MicroWorld-eScan	Gen:Variant.Razy.696105
CAT-QuickHeal	TrojanRansom.Blocker
McAfee	GenericRXAA-AA!A2B914550A41
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Blocker.j!c
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0000000c1 )
BitDefender	Gen:Variant.Razy.696105
K7GW	Trojan ( 0000000c1 )
Cybereason	malicious.50a41e
BitDefenderTheta	Gen:NN.ZevbaCO.34590.pm0@ammcg8pO
Cyren	W32/Trojan.MNJC-1347
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TrojanSpy.Win32.BLOCKER.USMANAB21
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Blocker.goxb
Alibaba	Ransom:Win32/Blocker.2c37e3e9
NANO-Antivirus	Trojan.Win32.Blocker.hxnkwh
Rising	Ransom.Blocker!8.12A (CLOUD)
Ad-Aware	Gen:Variant.Razy.696105
Sophos	Mal/Generic-S
Comodo	Malware@#1imc6q9u0eth5
F-Secure	Trojan.TR/VB.Agent.bkskm
Zillya	Trojan.Blocker.Win32.26743
TrendMicro	TrojanSpy.Win32.BLOCKER.USMANAB21
McAfee-GW-Edition	BehavesLike.Win32.Trojan.dh
SentinelOne	Static AI – Malicious PE
FireEye	Generic.mg.a2b914550a41e6cb
Emsisoft	Gen:Variant.Razy.696105 (B)
Ikarus	Trojan.Win32.VB
Jiangmin	Trojan/Blocker.ngh
Avira	TR/VB.Agent.bkskm
Antiy-AVL	Trojan[Ransom]/Win32.Blocker
Microsoft	Program:Win32/Ymacco.AAFE
Arcabit	Trojan.Razy.DA9F29
ZoneAlarm	Trojan-Ransom.Win32.Blocker.goxb
GData	Gen:Variant.Razy.696105
Cynet	Malicious (score: 85)
AhnLab-V3	Trojan/Win32.Gen
VBA32	TScope.Trojan.VB
ALYac	Gen:Variant.Razy.696105
MAX	malware (ai score=80)
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/Genetic.gen
APEX	Malicious
ESET-NOD32	a variant of Win32/VB.RUJ
Yandex	Trojan.Blocker!xDqujPv3udE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Blocker.GOXB!tr
Webroot	W32.Backdoor.Gen
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Win32/Trojan.Ransom.6f2

How to remove Razy.696105?

Razy.696105 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X