Malware

Razy.976106 (B) removal instruction

Malware Removal

The Razy.976106 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Razy.976106 (B) virus can do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine Razy.976106 (B)?


File Info:

name: 0C4FC54CC2D124C6E61E.mlw
path: /opt/CAPEv2/storage/binaries/ee646accd52310fd99ffe417e2448f45cee83c9fb7906647ac446b0603ed83d3
crc32: D4241406
md5: 0c4fc54cc2d124c6e61ec469ace31e88
sha1: 3a953f3fc23f8c62cbe56a01211326162873f869
sha256: ee646accd52310fd99ffe417e2448f45cee83c9fb7906647ac446b0603ed83d3
sha512: 3c7e197ad5e6afbcdee32589b0e00d1587f38e594350e943e34c4efef6ac7c9acc174dd0d773e2777c7cbc8db73ecc43955afcf09af7437d286e68f09bd2e164
ssdeep: 12288:Qchkw1q3n5xwF2hOPIsW2CRyeHB24HdxuI9S19oSOD2jtE2Wq5:lkE85LOAsW2CNHHSI9S1qSOStE2p
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138D4E00072E44B11D3AB1A75C2B3252083B2F99727B3D74E3B4826BA2D41365FE977D9
sha3_384: 6548828ae6f9f32ef6cae9404419cc54fd57d89b12f186a66df3aef5f46e2494ed430492b98d471288a9aa6b91542fc7
ep_bytes: ff250020400000000000000000000000
timestamp: 2071-09-11 16:46:29

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Zeus
FileVersion: 1.0.0.0
InternalName: Zeus.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Zeus.exe
ProductName: Zeus
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Razy.976106 (B) also known as:

BkavW32.AIDetectNet.01
MicroWorld-eScanGen:Variant.Razy.976106
FireEyeGeneric.mg.0c4fc54cc2d124c6
VIPREGen:Variant.Razy.976106
K7AntiVirusTrojan ( 0058a32c1 )
K7GWTrojan ( 0058a32c1 )
Cybereasonmalicious.fc23f8
CyrenW32/MSIL_Kryptik.CVB.gen!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of MSIL/DllInject.AAI potentially unsafe
APEXMalicious
KasperskyHEUR:Trojan-PSW.MSIL.Disco.gen
BitDefenderGen:Variant.Razy.976106
AvastWin32:MalwareX-gen [Trj]
Ad-AwareGen:Variant.Razy.976106
EmsisoftGen:Variant.Razy.976106 (B)
SophosTroj/Disteal-W
GDataGen:Variant.Razy.976106
GoogleDetected
MAXmalware (ai score=82)
ArcabitTrojan.Razy.DEE4EA
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.Kryptik.C4186533
Acronissuspicious
ALYacGen:Variant.Razy.976106
VBA32Downloader.MSIL.gen.rexp
MalwarebytesGeneric.Trojan.Malicious.DDS
RisingTrojan.Generic/MSIL@AI.100 (RDM.MSIL:rCQhisIE97FzX68TPWf+pA)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
BitDefenderThetaGen:NN.ZemsilF.34606.Mm0@aym0Ad
AVGWin32:MalwareX-gen [Trj]

How to remove Razy.976106 (B)?

Razy.976106 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment