What is “Razy.772097 (B)”?

Razy.772097 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.772097 (B) virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Deletes its original binary from disk
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Razy.772097 (B)?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

CompanyName: IObit
Translation: 0x0409 0x04e4

Razy.772097 (B) is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005224381 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen7.21997
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Cerber.A4
ALYac: Gen:Variant.Razy.772097
Cylance: Unsafe
Zillya: Trojan.Zerber.Win32.2453
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Cerber.49bcd36c
K7GW: Trojan ( 0050e5e41 )
Cybereason: malicious.009967
Baidu: Win32.Trojan.Kryptik.anp
Cyren: W32/Zbot.JC.gen!Eldorado
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.FSOH
APEX: Malicious
Avast: Win32:Rootkit-gen [Rtk]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.772097
NANO-Antivirus: Trojan.Win32.Zerber.epcedo
MicroWorld-eScan: Gen:Variant.Razy.772097
Tencent: Malware.Win32.Gencirc.10bb9b8f
Ad-Aware: Gen:Variant.Razy.772097
Sophos: ML/PE-A + Mal/Cerber-B
Comodo: TrojWare.Win32.Ransom.Cerber.EW@73u1y1
BitDefenderTheta: Gen:NN.ZexaF.34670.Aq0@aOiM8acj
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCERBER.SMALY5A
McAfee-GW-Edition: BehavesLike.Win32.Ransomware.gh
FireEye: Generic.mg.3198bc6009967704
Emsisoft: Gen:Variant.Razy.772097 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Zerber.che
Avira: HEUR/AGEN.1111275
eGambit: Unsafe.AI_Score_100%
Microsoft: Ransom:Win32/Cerber.K
Arcabit: Trojan.Razy.DBC801
AegisLab: Trojan.Win32.Generic.4!c
GData: Gen:Variant.Razy.772097
AhnLab-V3: Win-Trojan/Cerber.Exp
Acronis: suspicious
McAfee: Ransomware-CBER!3198BC600996
MAX: malware (ai score=85)
VBA32: BScope.Trojan.Encoder
Malwarebytes: Cerber.Ransom.Encrypt.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_HPCERBER.SMALY5A
Rising: Ransom.Cerber!8.3058 (CLOUD)
Ikarus: Trojan.Krypt
Fortinet: W32/Kryptik.HGZD!tr
AVG: Win32:Rootkit-gen [Rtk]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Cerber.HxQBEpsA

How to remove Razy.772097 (B)?

Razy.772097 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
