Razy.783699 malicious file

The Razy.783699 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.783699 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Unconventionial language used in binary resources: Russian
Authenticode signature is invalid

How to determine Razy.783699?


File Info:
name: DAFE288926A1DF200486.mlw
path: /opt/CAPEv2/storage/binaries/249733a829dc48cb4216693cdee6b82fe5f4ad04909e35a6316be72eebf69a0c
crc32: 032A0A8D
md5: dafe288926a1df20048615417a8de5ad
sha1: 0c0b4c21ec50d0c5d33a49d5acd916212a549f60
sha256: 249733a829dc48cb4216693cdee6b82fe5f4ad04909e35a6316be72eebf69a0c
sha512: bd359b2e07a9421b2b85d1dcddd2b5e09c1c2cfaa27876c881234da4789dc1352530b9be23c41e0f1f9ccbf994932e9939eba6b0c92a24677012dddcb53ceea7
ssdeep: 3072:BmzJktbbENFvx0HPaeXseTbCbXRVr9j3f0gKvzCrsWdoXz1fm1noSCgcg8Z+6HSJ:gzJktb4NFWbcePCbXtGCYu1no+4y8y+Q
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10744E01246018998F34D0B711A6AF8E60A89AD7E54E4F60FF57CFD3A28725A316F305F
sha3_384: 4dc35cba3aabad7e2ef3207a84615707625f3a4a8602cfe35b622d3bb4e87c26febd35f7dcada57cc2d1b46c408a8417
ep_bytes: 56e86affffff8b35202040008d642400
timestamp: 2012-04-27 17:17:38

Version Info:
0: [No Data]

Razy.783699 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Razy.783699
FireEye	Generic.mg.dafe288926a1df20
CAT-QuickHeal	Trojan.MauvaiseRI.S5242706
ALYac	Gen:Variant.Razy.783699
Cylance	Unsafe
VIPRE	Gen:Variant.Razy.783699
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.926a1d
BitDefenderTheta	Gen:NN.ZexaF.34698.quZ@a4i0KQnc
VirIT	Trojan.Win32.Packed.BHFY
Cyren	W32/Gimemo.C.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Spy.Zbot.AAQ
TrendMicro-HouseCall	TROJ_GEN.R067C0CJ522
ClamAV	Win.Trojan.Ransom-4725
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Razy.783699
NANO-Antivirus	Trojan.Win32.Ransom.rgffr
Cynet	Malicious (score: 100)
SUPERAntiSpyware	Trojan.Agent/Gen-Ransom
APEX	Malicious
Tencent	Malware.Win32.Gencirc.10b87a54
Ad-Aware	Gen:Variant.Razy.783699
Emsisoft	Gen:Variant.Razy.783699 (B)
Comodo	TrojWare.Win32.Spy.Zbot.DTNY@4pp6dp
F-Secure	Trojan.TR/Ransom.icmnra
DrWeb	Trojan.Packed.22462
Zillya	Trojan.Tipp.Win32.914
McAfee-GW-Edition	BehavesLike.Win32.Generic.dc
Sophos	ML/PE-A + Troj/Agent-VQC
Ikarus	Trojan.Win32.Tipp
GData	Gen:Variant.Razy.783699
Jiangmin	Trojan/Tipp.sy
Webroot	W32.Trojan.Gen
Avira	TR/Ransom.icmnra
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Win32.Tipp
Arcabit	Trojan.Razy.DBF553
ViRobot	Trojan.Win32.A.Tipp.277031
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	VirTool:Win32/Injector.AX
Google	Detected
AhnLab-V3	Trojan/Win32.Tipp.R24479
McAfee	PWS-Zbot.gen.ym
TACHYON	Trojan/W32.Agent.277031.D
VBA32	Trojan.Tipp
Malwarebytes	Malware.AI.4184280538
Avast	Win32:Citadel [Trj]
Rising	HackTool.Injector!8.1E2 (TFE:2:AMkhmIcbz5P)
Yandex	Trojan.Injector!4qJ95XpUl6A
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Tipp.PGH!tr
AVG	Win32:Citadel [Trj]
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Razy.783699?

Razy.783699 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X