What is “Razy.795663”?

The Razy.795663 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.795663 virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Razy.795663?


File Info:
name: F7B0C7B0DDB05F2234AF.mlw
path: /opt/CAPEv2/storage/binaries/8bb67ae79cb18d091afaf9a4903dc12fbb287350ec0e176f27fa7bcda1bdd34d
crc32: F0DAC05B
md5: f7b0c7b0ddb05f2234af08170b189445
sha1: e6355a41c64c845d9c84925738f7af404deeb8b0
sha256: 8bb67ae79cb18d091afaf9a4903dc12fbb287350ec0e176f27fa7bcda1bdd34d
sha512: cbb87a6bc5b03a9c9820dd8105ae53b49ebd128021b7da1b02767703628c526582474710c679cfc9bc7d31fece38f190468b9fba22933d04b1a1fd5d666ba010
ssdeep: 3072:c6wIelItwzciCG2PfYemkIgq3KlzcIg7pA5hGK9Bv4+rsbrCz28gafX24FYycjvt:c6wRlpcJfakm3KaIg654+BFrs+n0yKvt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14104B056B55490F3CDA72A705A5DB7BA53FA6E3822348C83F3943D696664CC2731E303
sha3_384: 00ec752c3b1367d3eb93602e43557d0c7541447d2607768b282fcbc21403ebf9c556ef5477a712eb91e7338982b03df9
ep_bytes: b811990085c07504c645ff01a170a49b
timestamp: 2011-07-12 18:37:44

Version Info:
0: [No Data]

Razy.795663 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.795663
FireEye	Generic.mg.f7b0c7b0ddb05f22
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	Gen:NN.ZexaF.34592.lmY@a04ZNrl
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
ClamAV	Win.Trojan.Zeus-6412294-0
BitDefender	Gen:Variant.Razy.795663
Avast	Sf:Crypt-BT [Trj]
Ad-Aware	Gen:Variant.Razy.795663
Sophos	ML/PE-A
VIPRE	Gen:Variant.Razy.795663
TrendMicro	Cryp_Xin1
Trapmine	suspicious.low.ml.score
Emsisoft	Gen:Variant.Razy.795663 (B)
SentinelOne	Static AI – Malicious PE
Google	Detected
Avira	TR/Kazy.MK
MAX	malware (ai score=81)
GData	Gen:Variant.Razy.795663
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Razy.795663
TrendMicro-HouseCall	Cryp_Xin1
Rising	Spyware.Zbot!1.648A (CLASSIC)
Ikarus	Trojan-Spy.Zbot
AVG	Sf:Crypt-BT [Trj]
Cybereason	malicious.0ddb05

How to remove Razy.795663?

Razy.795663 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X