Malware

Razy.701677 (file analysis)

Malware Removal

The Razy.701677 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Razy.701677 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Unconventionial language used in binary resources: Spanish (Modern)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

How to determine Razy.701677?



File Info:

name: 06E425564E736D9A4F8C.mlw
path: /opt/CAPEv2/storage/binaries/973d5a58dcd4b4fb40f5007511891122029ab6670c3872e998bec3e66c7cf44a
crc32: 6840291E
md5: 06e425564e736d9a4f8cc96a61fb5fc4
sha1: eab78b178a6f2f4a50b3f4fe08dd6a75012f30b8
sha256: 973d5a58dcd4b4fb40f5007511891122029ab6670c3872e998bec3e66c7cf44a
sha512: f3aa13db884e339aa476ee3f6e5f50865b9d654cf31fc6ace417cdcb1954d58dc355e160af42719a04076bab9977c54079a71b08234c884f5ff9fba72ef7d699
ssdeep: 1536:vi1ZeLMwMB/i1SABLBFodY1rTxfLw8k/eV4iOxmglCX9jfAKtqyEu:vivL/ir9PodkrTBHk/eVhO8HX9DAKtqA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C293D123AE3C6877E6AD4AB20D615B908CAB7D705001DE4B585E5E0D0C75B872CF8B2F
sha3_384: 9f7125a2dd4dfc1bc348b265af4a1fc3c50c89a9d5ccf38ee08ddcc159a1d7bd5ff60565193982c836a042f016a80200
ep_bytes: 6884264000e8f0ffffff000000000000
timestamp: 2018-06-16 21:56:45


Version Info:

Translation: 0x0c0a 0x04b0
CompanyName: **
ProductName: Cliente
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Cliente
OriginalFilename: Cliente.exe

Razy.701677 also known as:

BkavW32.AIDetect.malware1
LionicTrojan.Win32.Razy.4!c
MicroWorld-eScanGen:Variant.Razy.701677
FireEyeGeneric.mg.06e425564e736d9a
CAT-QuickHealTrojan.OccamyVMF.S23809588
ALYacGen:Variant.Razy.701677
CylanceUnsafe
SangforTrojan.Win32.Wacatac.B
CrowdStrikewin/malicious_confidence_60% (W)
AlibabaTrojanDropper:Win32/Rimecud.76ec40f2
SymantecML.Attribute.HighConfidence
TrendMicro-HouseCallTROJ_GEN.R002C0PIT21
BitDefenderGen:Variant.Razy.701677
AvastWin32:Malware-gen
Ad-AwareGen:Variant.Razy.701677
ComodoMalware@#2j3xhd1llwxl5
TrendMicroTROJ_GEN.R002C0PIT21
McAfee-GW-EditionBehavesLike.Win32.Trojan.nh
EmsisoftGen:Variant.Razy.701677 (B)
IkarusTrojan.Dropper
GDataGen:Variant.Razy.701677
MicrosoftTrojan:Win32/Wacatac.B!ml
AhnLab-V3Malware/Win32.RL_Generic.R341589
Acronissuspicious
McAfeeW32/Rimecud.gen.aw
MAXmalware (ai score=87)
MalwarebytesMachineLearning/Anomalous.100%
APEXMalicious
YandexTrojan.GenAsa!r+aQwk998m4
SentinelOneStatic AI – Suspicious PE
MaxSecureTrojan.Malware.300983.susgen
AVGWin32:Malware-gen
PandaTrj/CI.A

How to remove Razy.701677?

Razy.701677 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment