Should I remove “Razy.980252”?

Razy.980252 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.980252 virus do?

  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Razy.980252?


File Info:

name: 2C9DBEF3E7C1D1D6CAD5.mlw
path: /opt/CAPEv2/storage/binaries/b9ca08cbcdb6ecce6e7cae55544a7c3956dd6c72f00eb68504e6040791843fc4
crc32: 1811372B
md5: 2c9dbef3e7c1d1d6cad52c58a298cbe0
sha1: 978cf930058cb532c4c10cefe2a830324e9bb5c0
sha256: b9ca08cbcdb6ecce6e7cae55544a7c3956dd6c72f00eb68504e6040791843fc4
sha512: 50b73852ed464061d58eefd5bb8fa6047c5dca7800c39f057eb3da00b239f0743806ef956c538ef678cef3af51c500e979770d7113ce834fff7ea2dc49d657ac
ssdeep: 6144:aC/inRoH6szzRn/sm4C4pcIXEVMhxkE40sDGiZxI/9bqkQcR6eF9KP2HUeR+oV:akCRoH6szNgcCEuhLyxq9bGeF9KMR+M
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T12FB47D51B7E444E8E07AC534CA478642DA7178960F74EADF03A9927A1F776E04F3EB20
sha3_384: 8797f996c2aae2ad196493464b50566e67e6b39e588eb6483e344349455c247ed2f93b8ea41a5dba3fa0d7772634970b
ep_bytes: 4883ec28e80b0000004883c428e97afe
timestamp: 2021-08-11 22:26:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: IEToEdge BHO
FileVersion: 92.0.902.73
InternalName: ie_to_edge_stub_exe
LegalCopyright: Copyright Microsoft Corporation. All rights reserved.
OriginalFilename: ie_to_edge_stub.exe
ProductName: IEToEdge BHO
ProductVersion: 92.0.902.73
CompanyShortName: Microsoft
LastChange: cad199e39220991414cd71868a619fff614880c7
Official Build: 1
Translation: 0x0409 0x04b0

Razy.980252 also known as:

Lionic: Trojan.Win32.Razy.4!c
DrWeb: Win32.HLLW.Autoruner.547
MicroWorld-eScan: Gen:Variant.Razy.980252
FireEye: Gen:Variant.Razy.980252
ALYac: Gen:Variant.Razy.980252
Cyren: W32/Autorun.DB.gen!Eldorado
TrendMicro-HouseCall: TROJ_GEN.R002H09KP21
BitDefender: Gen:Variant.Razy.980252
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Razy.980252
Emsisoft: Gen:Variant.Razy.980252 (B)
McAfee-GW-Edition: Artemis!Trojan
Ikarus: Trojan.Dropper
GData: Gen:Variant.Razy.980252
Antiy-AVL: Trojan/Generic.ASMalwS.34C924B
Arcabit: Trojan.Razy.DEF51C
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!2C9DBEF3E7C1
MAX: malware (ai score=85)
Rising: Trojan.Kryptik!1.B239 (CLASSIC)
Fortinet: W32/PossibleThreat
AVG: Win32:TrojanX-gen [Trj]

How to remove Razy.980252?

Razy.980252 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
