About “Razy.768260” infection

The Razy.768260 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.768260 virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Razy.768260?


File Info:
name: 1612618F154E3CA8A11F.mlw
path: /opt/CAPEv2/storage/binaries/0c4a9c4e2177f56594607beb1c3be7367e41d78b2d60c074ec2fbe46f16dd5c1
crc32: 803FFA78
md5: 1612618f154e3ca8a11f1e7a50fefdab
sha1: defcde1c8995a9ce709bc2e72a8fbd734e95b091
sha256: 0c4a9c4e2177f56594607beb1c3be7367e41d78b2d60c074ec2fbe46f16dd5c1
sha512: 6d7a6b57bf2d1f8960afacc1e3de161281ff9ca38e83d90008fbf009299f2b5cd48e3c866bece5c545a98100199ed477ab1e6cd564594f1e988149034c6c34a6
ssdeep: 384:2Wqn4Tlx0UGD1QkWCRkS9+5pqQGs1iERUfXkMemF7uZue+e+jU6XVlJz5Syafu1Y:2Wq4D0UGD1twUemvpmxyBoFy2T
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E643A4138E148AC1ED8E063019ED66661BA669207466DD0737979F8C2D30B93FEFD31B
sha3_384: d13d8ba84d3b19cd07fd942ba4eeba4d55c7ffdd5e3039c1874265208ca518af34295a702e92874cd27a34e71523fa17
ep_bytes: 6804264000e8f0ffffff000000000000
timestamp: 2006-09-07 10:36:50

Version Info:
Translation: 0x0409 0x04b0
CompanyName: consultancy
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: AreaCalculator_1
OriginalFilename: AreaCalculator_1.exe

Razy.768260 also known as:

Bkav	W32.AIDetect.malware1
Lionic	Worm.Win32.WBNA.low6
MicroWorld-eScan	Gen:Variant.Razy.768260
VIPRE	Gen:Variant.Razy.768260
Sangfor	Trojan.Win32.Wacatac.B
Alibaba	Trojan:Win32/WrongInf.b867ad33
Cybereason	malicious.f154e3
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 99)
BitDefender	Gen:Variant.Razy.768260
Avast	FileRepMalware [Misc]
Ad-Aware	Gen:Variant.Razy.768260
Emsisoft	Gen:Variant.Razy.768260 (B)
McAfee-GW-Edition	BehavesLike.Win32.Autorun.qt
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.1612618f154e3ca8
Sophos	Generic ML PUA (PUA)
Ikarus	Trojan.Patched
GData	Gen:Variant.Razy.768260
Avira	TR/Patched.Ren.Gen
Arcabit	Trojan.Razy.DBB904
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
ALYac	Gen:Variant.Razy.768260
MAX	malware (ai score=86)
Malwarebytes	Malware.Heuristic.1001
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.108579734.susgen
Fortinet	PossibleThreat.PALLAS.H
BitDefenderTheta	Gen:NN.ZevbaF.34682.dq0@a0fWtLgi
AVG	FileRepMalware [Misc]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Razy.768260?

Razy.768260 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X