Razy.775772 (B) malicious file

Razy.775772 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.775772 (B) virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Anomalous binary characteristics

How to identify Razy.775772 (B)?


File Info:

crc32: FBB31E03
md5: b1b086202246ba3f9654b87d18ff2d77
name: B1B086202246BA3F9654B87D18FF2D77.mlw
sha1: eb1e38d769f3c9b5b0e4d95dce7d666275da5d09
sha256: b953f6f0f87c8cb0376c34baade75ea3302ec83fe3388845afc2060b32cf9ea0
sha512: 6a3a8c73f2efe217030915475946b4e54fcef0ed927de30acf030c15c3ad8ef3d2f0f531fe995fb543cad779c45bb638374d35b9b93b757a3b2db2da66be52a5
ssdeep: 6144:3KMxrqxH6cd1b3QGLwUuxOd4RFxXGjjMvVCj/Go5NRV:wHrdpjq4GFxXGHMvVCrdfRV
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © Headlight Software, Inc. All rights reserved.
InternalName: AdminPrivSetting.exe
FileVersion: 1.0.6.5
CompanyName: Headlight Software, Inc.
ProductName: (Shared by Headlight Software Products)
ProductVersion: 1.0.6.5
FileDescription: Change Settings that need Admin Privileges
OriginalFilename: AdminPrivSetting.exe
Translation: 0x0409 0x04e4

Razy.775772 (B) also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.775772
Qihoo-360: HEUR/QVM19.1.3FBB.Malware.Gen
ALYac: Gen:Variant.Razy.775772
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Trojan ( 00571f591 )
BitDefender: Gen:Variant.Razy.775772
K7GW: Trojan ( 00571f591 )
Cybereason: malicious.769f3c
Cyren: W32/Trojan.JOAB-4997
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:BankerX-gen [Trj]
ClamAV: Win.Packed.Mint-9784350-0
Kaspersky: HEUR:Trojan-Banker.Win32.Qbot.vho
NANO-Antivirus: Virus.Win32.Gen.ccmw
Rising: Trojan.Kryptik!1.CE73 (CLASSIC)
Ad-Aware: Gen:Variant.Razy.775772
Emsisoft: Gen:Variant.Razy.775772 (B)
DrWeb: Trojan.Inject4.4079
Invincea: ML/PE-A + Troj/Agent-AJFK
McAfee-GW-Edition: GenericRXMN-MU!B1B086202246
FireEye: Generic.mg.b1b086202246ba3f
Sophos: Troj/Agent-AJFK
Ikarus: Trojan.Win32.Gencbl
Jiangmin: Trojan.Zenpak.dth
Antiy-AVL: GrayWare/Win32.Kryptik.ehls
Microsoft: Trojan:Win32/Qakbot.AR!Cert
Gridinsoft: Trojan.Win32.Packed.oa!s2
Arcabit: Trojan.Razy.DBD65C
SUPERAntiSpyware: Trojan.Agent/Generic
ZoneAlarm: HEUR:Trojan-Banker.Win32.Qbot.vho
GData: Gen:Variant.Razy.775772
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Qakbot.R354641
Acronis: suspicious
McAfee: Generic Obfuscated.g
MAX: malware (ai score=88)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Backdoor.Qbot.Generic
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Kryptik.HHDH
Tencent: Malware.Win32.Gencirc.10ce0f60
SentinelOne: Static AI – Malicious PE
eGambit: PE.Heur.InvalidSig
Fortinet: W32/Kryptik.HGKG!tr
BitDefenderTheta: Gen:NN.ZexaF.34634.tq1@a01mueei
AVG: Win32:BankerX-gen [Trj]
CrowdStrike: win/malicious_confidence_80% (D)
MaxSecure: Trojan.Malware.121218.susgen

How to remove Razy.775772 (B)?

Razy.775772 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
