Razy.976106 (B) removal instruction

The Razy.976106 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Razy.976106 (B) virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Razy.976106 (B)?


File Info:
name: 0C4FC54CC2D124C6E61E.mlw
path: /opt/CAPEv2/storage/binaries/ee646accd52310fd99ffe417e2448f45cee83c9fb7906647ac446b0603ed83d3
crc32: D4241406
md5: 0c4fc54cc2d124c6e61ec469ace31e88
sha1: 3a953f3fc23f8c62cbe56a01211326162873f869
sha256: ee646accd52310fd99ffe417e2448f45cee83c9fb7906647ac446b0603ed83d3
sha512: 3c7e197ad5e6afbcdee32589b0e00d1587f38e594350e943e34c4efef6ac7c9acc174dd0d773e2777c7cbc8db73ecc43955afcf09af7437d286e68f09bd2e164
ssdeep: 12288:Qchkw1q3n5xwF2hOPIsW2CRyeHB24HdxuI9S19oSOD2jtE2Wq5:lkE85LOAsW2CNHHSI9S1qSOStE2p
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138D4E00072E44B11D3AB1A75C2B3252083B2F99727B3D74E3B4826BA2D41365FE977D9
sha3_384: 6548828ae6f9f32ef6cae9404419cc54fd57d89b12f186a66df3aef5f46e2494ed430492b98d471288a9aa6b91542fc7
ep_bytes: ff250020400000000000000000000000
timestamp: 2071-09-11 16:46:29

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Zeus
FileVersion: 1.0.0.0
InternalName: Zeus.exe
LegalCopyright: Copyright ©  2020
LegalTrademarks: 
OriginalFilename: Zeus.exe
ProductName: Zeus
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Razy.976106 (B) also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	Gen:Variant.Razy.976106
FireEye	Generic.mg.0c4fc54cc2d124c6
VIPRE	Gen:Variant.Razy.976106
K7AntiVirus	Trojan ( 0058a32c1 )
K7GW	Trojan ( 0058a32c1 )
Cybereason	malicious.fc23f8
Cyren	W32/MSIL_Kryptik.CVB.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/DllInject.AAI potentially unsafe
APEX	Malicious
Kaspersky	HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender	Gen:Variant.Razy.976106
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Gen:Variant.Razy.976106
Emsisoft	Gen:Variant.Razy.976106 (B)
Sophos	Troj/Disteal-W
GData	Gen:Variant.Razy.976106
Google	Detected
MAX	malware (ai score=82)
Arcabit	Trojan.Razy.DEE4EA
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Kryptik.C4186533
Acronis	suspicious
ALYac	Gen:Variant.Razy.976106
VBA32	Downloader.MSIL.gen.rexp
Malwarebytes	Generic.Trojan.Malicious.DDS
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:rCQhisIE97FzX68TPWf+pA)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.34606.Mm0@aym0Ad
AVG	Win32:MalwareX-gen [Trj]

How to remove Razy.976106 (B)?

Razy.976106 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X