Razy.774269 removal

Malware Removal

Razy.774269 is flagged as malicious by a large number of security vendors (see the detection list further down). While the infection is active you may notice unfamiliar processes in the Task Manager list; bear in mind that this sample also creates hidden windows, makes a copy of itself and deletes its original binary from disk, so the absence of an obvious process is not proof that it is gone. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows a complete scan and cleaning of your PC.
6-day free trial available.

What can Razy.774269 do?

The behaviours below are the sandbox (CAPE) signatures that fired when this sample was detonated; they describe what the file was observed doing in that run, not a fixed feature list for the family:

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Checks for the presence of known windows from debuggers and forensic tools
  • Likely virus infection of existing system binary
  • Attempts to identify installed analysis tools by a known file location
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Creates a copy of itself

How to identify Razy.774269?

File Info (as recorded by the CAPE sandbox; all digests are of the submitted binary):

name: 5BC19ACD6CB0B2E79B87.mlw
path: /opt/CAPEv2/storage/binaries/8470c6d56c29d2f3d21804368c1ff33578ed4e5033c733e7d90f7d02b483cdf1
crc32: 6BC44BED
md5: 5bc19acd6cb0b2e79b870b4e0ec1fdf8
sha1: 7f56de542c7455826eb7ff056d1714905218f1f1
sha256: 8470c6d56c29d2f3d21804368c1ff33578ed4e5033c733e7d90f7d02b483cdf1
sha512: c5a1938c52e3b9a2d5b4e99e52f4ee8c8aa69cdab6482005818038172e3437a9034a4e1f41d7e4e76c71a6660050737ae2e08194686aef4c552e1cb9a7d51928
ssdeep: 6144:AOGIZNDONiQyj400zJwYupX1M9tyFzUBfsnXFGbCQdC:DD2rhzv+OgNVGDd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DB5402421AF42265C7D8C33FBD666513583AB26402FA53050EEC55693B336FEC62F9B2
sha3_384: e8a97ceeedd466e00bf383d8038c3b885643ba63b75ecdf4f133591776339e03e02fd5830d646596db0c425f72a4ad21
ep_bytes: 558bec83c4d48d4dec518d4dfc518d4d
timestamp: 2008-01-22 14:38:22
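To check whether a file on a system is this exact sample, recompute its digests and compare them with the values above. The script below is an added example, not part of the original page and not GridinSoft's or CAPE's tooling: it computes the same digest set the report lists (md5, sha1, sha256, sha512, sha3_384, crc32), walks a directory looking for matches, and reads the PE header's TimeDateStamp (assumed here to be the source of the `timestamp` field above) so it can be compared with the listed value. The hash constants are copied from the File Info block; `build_minimal_pe_header` and the sample bytes it produces are constructed for the demonstration.

```python
"""Match files on disk against the Razy.774269 IoCs listed on this page.
Added example; hash constants are from the page, everything else is demo scaffolding."""
import hashlib
import os
import struct
import zlib
from datetime import datetime, timezone
from typing import Dict, Iterable, List, Tuple

# IoCs copied from the File Info section of this page.
RAZY_774269_IOCS: Dict[str, str] = {
    "md5": "5bc19acd6cb0b2e79b870b4e0ec1fdf8",
    "sha1": "7f56de542c7455826eb7ff056d1714905218f1f1",
    "sha256": "8470c6d56c29d2f3d21804368c1ff33578ed4e5033c733e7d90f7d02b483cdf1",
    "sha512": "c5a1938c52e3b9a2d5b4e99e52f4ee8c8aa69cdab6482005818038172e3437a9"
              "034a4e1f41d7e4e76c71a6660050737ae2e08194686aef4c552e1cb9a7d51928",
    "sha3_384": "e8a97ceeedd466e00bf383d8038c3b885643ba63b75ecdf4f133591776339e03"
                "e02fd5830d646596db0c425f72a4ad21",
    "crc32": "6BC44BED",
}
RAZY_774269_TIMESTAMP = "2008-01-22 14:38:22"  # listed PE timestamp, treated as UTC


def hash_stream(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Compute the digest set the sandbox report lists, streaming so large files are fine.
    crc32 is rendered as 8 upper-case hex digits (the report's format), the rest lower-case."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512", "sha3_384")}
    crc = 0
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
        crc = zlib.crc32(chunk, crc)
    digests = {name: h.hexdigest() for name, h in hashers.items()}
    digests["crc32"] = "%08X" % (crc & 0xFFFFFFFF)
    return digests


def hash_bytes(data: bytes) -> Dict[str, str]:
    return hash_stream([data])


def hash_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as f:
        return hash_stream(iter(lambda: f.read(1 << 20), b""))


def matching_iocs(digests: Dict[str, str], iocs: Dict[str, str] = RAZY_774269_IOCS) -> List[str]:
    """Names of the digests that equal the page's IoCs (case-insensitive, so crc32 case does not matter)."""
    return [name for name, value in iocs.items() if digests.get(name, "").lower() == value.lower()]


def pe_timestamp(data: bytes) -> str:
    """Return the COFF header TimeDateStamp as 'YYYY-MM-DD HH:MM:SS' (UTC), or '' if not a PE file.
    Layout: 'MZ' at 0, e_lfanew (u32 LE) at 0x3C, 'PE\\0\\0' at e_lfanew, then the COFF header:
    Machine (2 bytes), NumberOfSections (2 bytes), TimeDateStamp (4 bytes), ..."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return ""
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return ""
    (ts,) = struct.unpack_from("<I", data, e_lfanew + 8)
    return datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")


def scan_directory(root: str, iocs: Dict[str, str] = RAZY_774269_IOCS) -> List[Tuple[str, List[str]]]:
    """Walk `root` and return (path, matched-digest-names) for every file matching any IoC."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                matched = matching_iocs(hash_file(path), iocs)
            except OSError:
                continue  # unreadable/locked file; skip rather than abort the sweep
            if matched:
                hits.append((path, matched))
    return hits


def build_minimal_pe_header(timestamp: int) -> bytes:
    """Constructed demo input: a bare MZ stub plus a PE signature and COFF header with the given
    TimeDateStamp. It is not a runnable executable, only enough header for pe_timestamp() to parse."""
    mz_stub = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew -> 0x40
    coff = struct.pack("<HHI", 0x14C, 0, timestamp) + b"\0" * 12  # i386, 0 sections, timestamp
    return mz_stub + b"PE\0\0" + coff


# 1201012702 is 2008-01-22 14:38:22 UTC, the timestamp listed on this page.
SAMPLE_PE_HEADER = build_minimal_pe_header(1201012702)

if __name__ == "__main__":
    import sys
    print("demo header timestamp:", pe_timestamp(SAMPLE_PE_HEADER), "(listed:", RAZY_774269_TIMESTAMP + ")")
    for path, matched in scan_directory(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("IOC MATCH", path, matched, "pe timestamp:", pe_timestamp(open(path, "rb").read(4096)))
```

Exact-hash matching only finds this precise build; the ssdeep and tlsh values above are fuzzy hashes that also catch repacked or lightly modified variants, but computing them needs the respective third-party libraries, so they are left out of this example. A matching compile timestamp on a file with different digests is a hint worth a closer look, not a verdict.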

Version Info:

CompanyName: MoRUN.net
FileDescription: MoRUN.net Sticker Lite
FileVersion: 6.3
InternalName: Sticker.exe
LegalCopyright: 2002-2010 (c) MoRUN.net. All rights reserved.
OriginalFilename: Sticker.exe
ProductName: MoRUN.net Sticker Lite
ProductVersion: 6.3
Translation: 0x0409 0x04e4 (language 0x0409 = English-US, code page 0x04e4 = 1252)

The version resource presents the file as MoRUN.net Sticker Lite 6.3 (Sticker.exe). Treat that as a claim, not evidence: version strings are trivially copied, or simply inherited when a legitimate executable is infected, and this sample's Authenticode signature is invalid.

Razy.774269 also known as:

"Gen:Variant.Razy.774269" is the BitDefender engine's generic name for this sample, which is why the same string appears under MicroWorld-eScan, Ad-Aware, Emsisoft, GData and ALYac (all licensees of that engine). Other vendors classify the same file by family (SpyEye, Zbot/Zeus, an IRC bot, Qbot) or by its packer (Kryptik, Krap). The multi-engine scan results, vendor first and detection name second:

  • Bkav: W32.AIDetect.malware2
  • Elastic: malicious (high confidence)
  • DrWeb: BackDoor.IRC.Bot.773
  • MicroWorld-eScan: Gen:Variant.Razy.774269
  • FireEye: Generic.mg.5bc19acd6cb0b2e7
  • CAT-QuickHeal: Worm.SlenfBot.Gen
  • McAfee: PWS-Spyeye.fe
  • Cylance: Unsafe
  • VIPRE: Trojan.Win32.Kryptik.lbu (v)
  • Sangfor: Exploit.Win32.ShellCode.gen
  • K7AntiVirus: Trojan ( 0021fb091 )
  • Alibaba: Exploit:Win32/Obfuscator.551dbc01
  • K7GW: Trojan ( 0021fb091 )
  • Cybereason: malicious.d6cb0b
  • BitDefenderTheta: Gen:NN.ZexaF.34212.rq0@ay!Scpnc
  • VirIT: Backdoor.Win32.Bot.BDT
  • Cyren: W32/S-b328bb35!Eldorado
  • Symantec: Trojan.Gen.MBT
  • ESET-NOD32: a variant of Win32/Kryptik.KRS
  • TrendMicro-HouseCall: TROJ_SPYEYE.SMEP
  • Paloalto: generic.ml
  • Cynet: Malicious (score: 100)
  • Kaspersky: Packed.Win32.Krap.ae
  • BitDefender: Gen:Variant.Razy.774269
  • NANO-Antivirus: Trojan.Win32.Bot.tmxib
  • SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
  • Avast: Win32:TrojanX-gen [Trj]
  • Tencent: Win32.Trojan.Inject.Auto
  • Ad-Aware: Gen:Variant.Razy.774269
  • Emsisoft: Gen:Variant.Razy.774269 (B)
  • Comodo: TrojWare.Win32.TrojanSpy.Zbot.G@2tckk5
  • Zillya: Trojan.Kryptik.Win32.632370
  • TrendMicro: TROJ_SPYEYE.SMEP
  • McAfee-GW-Edition: PWS-Spyeye.fe
  • Sophos: Mal/Generic-R + Mal/FakeAV-BW
  • Ikarus: Trojan-Spy.Win32.Zbot
  • GData: Gen:Variant.Razy.774269
  • Jiangmin: Worm/Kolab.fgq
  • Avira: TR/Crypt.XPACK.Gen
  • Antiy-AVL: Trojan/Generic.ASMalwS.18450DD
  • Kingsoft: Win32.Troj.Krap.ae.(kcloud)
  • ViRobot: Worm.Win32.A.Net-Kolab.214528
  • ZoneAlarm: Packed.Win32.Krap.ae
  • Microsoft: VirTool:Win32/Obfuscator.QR
  • AhnLab-V3: Trojan/Win32.Zbot.R2835
  • VBA32: Trojan.Zeus.EA.0999
  • ALYac: Gen:Variant.Razy.774269
  • MAX: malware (ai score=100)
  • APEX: Malicious
  • Rising: Exploit.ShellCode!8.2A (CLOUD)
  • Yandex: Trojan.GenAsa!QtqyctATmj8
  • SentinelOne: Static AI – Malicious PE
  • eGambit: Unsafe.AI_Score_99%
  • Fortinet: W32/Kryptik.NAS!tr
  • AVG: Win32:TrojanX-gen [Trj]
  • Panda: Bck/Qbot.AO
  • CrowdStrike: win/malicious_confidence_100% (D)

How to remove Razy.774269?

Razy.774269 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options to reset, then click “Reset”.
  • Restart your computer.

After the reboot, run the scan a second time: this sample creates a copy of itself and was flagged for infecting an existing system binary (see the behaviour list above), so a single pass may not remove every copy.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
