How to remove “Razy.826447”?

The Razy.826447 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.826447 virus can do?

Behavioural detection: Executable code extraction – unpacking
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Razy.826447?


File Info:
name: 6E923E99997E8B452787.mlw
path: /opt/CAPEv2/storage/binaries/faa04cd84063dae0b0684a32253850ff60f018e6ed30b28aef1fa58d8dc634dc
crc32: 250631AC
md5: 6e923e99997e8b452787ab86d6d3bf87
sha1: 57298336b29f52f1116c446713e0cf108e927f51
sha256: faa04cd84063dae0b0684a32253850ff60f018e6ed30b28aef1fa58d8dc634dc
sha512: e5f4f9799dd5d3f28f6f1417018f368ce7df69dad488fbd0964de345ad5840aec0843c73c587b126fe5ca60ed1dd5cb9d66ef97007b5a6468a1b8d15fb13ffa8
ssdeep: 6144:ifAb7nC0WEG05iTCpaw0tmVh6NWEG05iTHAb7nCZv:P953IhmiH5jo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16205F7C6B1649085DAF8B5F1B872E92220F93CB89DC3494D77F9723A1472983DD06A1F
sha3_384: f5429d9657f8f9dd9bf231a05c84ae7a92ec9890daf0a32ab7a2bb85309193f446e5fa871f3465c1b6c1e0e137dc07e0
ep_bytes: 6858cc4500e8eeffffff000000000000
timestamp: 2021-01-14 16:20:22

Version Info:
Translation: 0x0409 0x04b0
CompanyName: Pogue
ProductName: KMcGregor
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Setup
OriginalFilename: Setup.exe

Razy.826447 also known as:

Lionic	Trojan.Win32.Razy.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.826447
FireEye	Gen:Variant.Razy.826447
McAfee	Artemis!6E923E99997E
Cylance	Unsafe
K7AntiVirus	Trojan ( 005728661 )
Alibaba	AdWare:Win32/AdLoad.526082a4
K7GW	Trojan ( 005728661 )
Cybereason	malicious.9997e8
BitDefenderTheta	AI:Packer.C94661CE1F
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Indiloadz.CG
TrendMicro-HouseCall	TROJ_GEN.R002C0WKQ21
Kaspersky	Trojan-Downloader.Win32.Adload.scgg
BitDefender	Gen:Variant.Razy.826447
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan-downloader.Adload.Wskg
Ad-Aware	Gen:Variant.Razy.826447
Sophos	Generic PUA FH (PUA)
TrendMicro	TROJ_GEN.R002C0WKQ21
McAfee-GW-Edition	BehavesLike.Win32.Fareit.cm
Emsisoft	Gen:Variant.Razy.826447 (B)
Ikarus	Trojan.Win32.Indiloadz
GData	Gen:Variant.Razy.826447
eGambit	Unsafe.AI_Score_95%
Avira	HEUR/AGEN.1140903
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.RL_Generic.R364219
ALYac	Gen:Variant.Razy.826447
MAX	malware (ai score=84)
Malwarebytes	Adware.IndiLoadz
APEX	Malicious
Yandex	Trojan.DL.Adload!HLVEAvDJHag
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Indiloadz.CG!tr
Webroot	W32.Trojan.Gen
AVG	Win32:Trojan-gen
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Razy.826447?

Razy.826447 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X