
Razy.787910 (B) removal tips

Malware Removal

The Razy.787910 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Razy.787910 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Razy.787910 (B)?

File Info:

name: 2D048E519DBC55BE1373.mlw
path: /opt/CAPEv2/storage/binaries/14673ba5771e9de8d0f0b5c390bdfb7196f92276a72912ce4b6ad67de36c3880
crc32: 5FCA3D91
md5: 2d048e519dbc55be13738b20d65f3cdc
sha1: 0051031cd12c4091049e8ed6badeae7001380ae7
sha256: 14673ba5771e9de8d0f0b5c390bdfb7196f92276a72912ce4b6ad67de36c3880
sha512: 8642da55140501b0306494aba0d4326de8072d64f2169286bb30aa9168da716965d61c0805d686c2cf4ee9fc2ad3abcdb76a563498c169a3a595d5bb313692b7
ssdeep: 3072:ibdxsFemhmyzoiAKrnUU/46HzBgPtwoJJ67outXSRS/TvzNmCAbbbbOafKna:ibdxscmhLzoWUU/TaVw2Q7oSXScjYfl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1421402DF1F7CEE1AC4961AB21206234F6D32FD8459A88BD32296B13A6CD37436D16613
sha3_384: a69425b4b36d8262e133a0cf2a97ed4ca0d5d834d86d7a4b1344b36cbb513b78beca7bdf01c6135a25269038dc2363f1
ep_bytes: 60be009044008dbe0080fbff5789e58d
timestamp: 2018-12-08 08:51:51

Version Info:

CompanyName: Carifred
FileDescription: Quick Any2Ico
FileVersion: 2.4.0.0
InternalName: Quick Any2Ico
LegalCopyright: Carifred © 2010 - 2019
LegalTrademarks: Carifred.com
OriginalFilename: Quick Any2Ico.exe
ProductName: Quick Any2Ico
Comments: Quick Any2Ico creates high quality icons from almost anything, including converting from pictures, extracting from resources, extracting the icon associated with a file object or document, or extracting a window's icon.
ProductVersion: 2.4.0.0
Translation: 0x0409 0x04e4

Razy.787910 (B) also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Razy.4!c
MicroWorld-eScan: Gen:Variant.Razy.787910
FireEye: Gen:Variant.Razy.787910
ALYac: Gen:Variant.Razy.787910
Sangfor: Suspicious.Win32.Razy.787910
BitDefenderTheta: Gen:NN.ZexaF.34182.lmMfaKepe!ci
Paloalto: generic.ml
BitDefender: Gen:Variant.Razy.787910
Emsisoft: Gen:Variant.Razy.787910 (B)
McAfee-GW-Edition: BehavesLike.Win32.BadFile.cc
GData: Gen:Variant.Razy.787910
McAfee: Artemis!2D048E519DBC
MAX: malware (ai score=85)
VBA32: BScope.Trojan.Wacatac
APEX: Malicious
Rising: Malware.Heuristic!ET#75% (RDMK:cmRtazoNGPfB+FbV0yybBWY7XsNm)
Cybereason: malicious.19dbc5
MaxSecure: Trojan.Malware.109723030.susgen

How to remove Razy.787910 (B)?

Razy.787910 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
