Razy.860074 (file analysis)

The Razy.860074 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.860074 virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Razy.860074?


File Info:
name: F204307B52C09A8D96C5.mlw
path: /opt/CAPEv2/storage/binaries/d273763e1818c18fe16f0740ae697901f89ab666f72b52c1e7f6fa253c1b088d
crc32: 69FE068C
md5: f204307b52c09a8d96c5db97d3b318c5
sha1: 413e84e51b4b21936334325d83ae3f26583c18b0
sha256: d273763e1818c18fe16f0740ae697901f89ab666f72b52c1e7f6fa253c1b088d
sha512: d6392833fe83494a2b5295aa01298ed7fe247ec2fff2d181bb3e0e315daba8d6b1a07805a3b0a5ef8b6c03cdf86df3177b7ba0f13eec17a69a4f4ef57b6d1e46
ssdeep: 49152:Nk+V8tgJd8xlj9DtoZtCWlIssZLi5lKr+hEp6vWWhipXqpIR8x:2+CgaQ0GUVpXopIix
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1FC061729EEEE9E22DCB201308F7D936D54747C901BA4C58B22547A6DD933F88692F713
sha3_384: 9cb0687d561cc1d830f1a480799f581a98546c55889b6b5b49d70cb9743ee4f0f8156af2c3f0fc6868b84f0211c15cf0
ep_bytes: 561068efd0cf68c96f10f85b0a8c8c14
timestamp: 2016-01-29 01:25:53

Version Info:
0: [No Data]

Razy.860074 also known as:

Bkav	W32.AIDetect.malware1
DrWeb	Trojan.Siggen7.54760
MicroWorld-eScan	Gen:Variant.Razy.860074
ALYac	Gen:Variant.Razy.860074
CrowdStrike	win/malicious_confidence_80% (W)
Cyren	W32/Emotet.BBS.gen!Eldorado
TrendMicro-HouseCall	TROJ_GEN.R03BH09A922
ClamAV	Win.Malware.Bulz-9859378-0
BitDefender	Gen:Variant.Razy.860074
Ad-Aware	Gen:Variant.Razy.860074
Emsisoft	Gen:Variant.Razy.860074 (B)
McAfee-GW-Edition	BehavesLike.Win32.Generic.wm
FireEye	Gen:Variant.Razy.860074
Sophos	Generic ML PUA (PUA)
Ikarus	Virus.Win32.Ipamor
GData	Gen:Variant.Razy.860074
Jiangmin	Packed.Krap.gvyg
MaxSecure	Trojan.Malware.121218.susgen
Avira	TR/Patched.Gen
Arcabit	Trojan.Razy.DD1FAA
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!F204307B52C0
MAX	malware (ai score=80)
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_95%
Fortinet	W32/Pajetbin.K!tr

How to remove Razy.860074?

Razy.860074 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X