Razy.859499 malicious file

Malware Removal

Razy.859499 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Razy.859499 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Razy.859499?

File Info:

name: 01E0943A183E31B1F771.mlw
path: /opt/CAPEv2/storage/binaries/3555f55364cbec6e991eea38423823c49ba6e6f6502f5a0fbac1fee5c516ab65
crc32: 4873A9BB
md5: 01e0943a183e31b1f771817914e664a4
sha1: 14fadb3cfd0169b1ce81656c3364c5780a6ece0d
sha256: 3555f55364cbec6e991eea38423823c49ba6e6f6502f5a0fbac1fee5c516ab65
sha512: 615be908a01696a1e80becca2d4033505e535a9f5359151411a72d45ff8870fb3d7b5a5dde601a9a7df2328f8d983260c8405657f11aa4b4ff2bebb7df25a1df
ssdeep: 6144:QhzrTB292ExaXckr3FNuDCORuBnh5zTVzK9owj:Cz/B2gKYBDuDCOOnh55Eowj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19514025795940F73E8454B79E4F723634A78918627B3568B65E908CC2C932E0EF3EB32
sha3_384: 0d3e7d06a3da26d3a497cd3298b5db0d112a3036d4204b88f146b6b6b7f7a000470f7ad6be8ae9641ef4d82fd3e36db5
ep_bytes: 558bec83c4dc33ff578f055aeb840057
timestamp: 2012-10-05 15:24:46

Version Info:

FileDescription: Symantec Shared Component
LegalCopyright: Copyright (c) 2010 Symantec Corporation. All rights reserved.
InternalName: cltLMH
CompanyName: Atari
FileVersion: 9.7.4.6
ProductVersion: 9.3.2.7
Translation: 0x0409 0x0000

Razy.859499 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.859499
ClamAV: Win.Trojan.Zbot-59728
FireEye: Generic.mg.01e0943a183e31b1
McAfee: PWSZbot-FABJ!01E0943A183E
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.162895
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0055e3991 )
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.a183e3
VirIT: Trojan.Win32.Inject2.AOOF
Cyren: W32/S-a57cec28!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Injector.BIDJ
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Zbot.toat
BitDefender: Gen:Variant.Razy.859499
NANO-Antivirus: Trojan.Win32.Zbot.dcmwsk
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Razy.859499
Emsisoft: Gen:Variant.Razy.859499 (B)
DrWeb: Trojan.PWS.Panda.2401
VIPRE: Gen:Variant.Razy.859499
McAfee-GW-Edition: PWSZbot-FABJ!01E0943A183E
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A
Ikarus: Trojan-Spy.Win32.Zbot
GData: Gen:Variant.Razy.859499
Jiangmin: TrojanSpy.Zbot.efjt
Avira: TR/Crypt.ZPACK.Gen2
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Kingsoft: Win32.Troj.Zbot.to.(kcloud)
Arcabit: Trojan.Razy.DD1D6B
ZoneAlarm: Trojan-Spy.Win32.Zbot.toat
Microsoft: PWS:Win32/Zbot
Google: Detected
AhnLab-V3: HEUR/Malga.D708.X1491
BitDefenderTheta: Gen:NN.ZexaF.34606.my2@aGltagli
ALYac: Gen:Variant.Razy.859499
MAX: malware (ai score=86)
VBA32: TrojanSpy.Zbot
Malwarebytes: MachineLearning/Anomalous.100%
Rising: Malware.Undefined!8.C (TFE:1:i4xfWRxL0AF)
Yandex: TrojanSpy.Zbot!XzLNsRRmxeg
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Trustezeb.PACK!tr
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Razy.859499?

Razy.859499 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.