Ser.Lazy.2046 (file analysis)

Malware Removal

Ser.Lazy.2046 is a generic family name (Gen:Variant.Ser.Lazy.2046 in the BitDefender engine and the vendors that license it) applied to this sample, which most of the engines listed below flag as packed, suspicious or malicious. While the file is running you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware manually can take hours and may damage your PC in the process. We recommend GridinSoft Anti-Malware for removal; it can run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can Ser.Lazy.2046 do?

  • The binary contains an unknown PE section name, indicative of packing (the ESET-NOD32 detection below names the packer as VMProtect)
  • The binary likely contains encrypted or compressed data (high-entropy sections, the other usual sign of a packer)
  • Authenticode signature is invalid, so the IObit version metadata listed below is not authenticated
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system
  • YARA rule detections observed from a process memory dump, dropped files, or CAPE

How to identify Ser.Lazy.2046?


File Info:

name: 717A76FF51D6202F79ED.mlw
path: /opt/CAPEv2/storage/binaries/0d1a67a7c6fe0266bf6d50ce0806d2391378df1db91cecfeaa6d4b8289b5c1ef
crc32: 42D0AC6A
md5: 717a76ff51d6202f79ed313ce374ca4d
sha1: cd9553b617575bb66c4db7944cf3894eae24e820
sha256: 0d1a67a7c6fe0266bf6d50ce0806d2391378df1db91cecfeaa6d4b8289b5c1ef
sha512: f8fa2c92d0a3c9dda4653330e6c7dd2f881a4f29c07a48ab805640f1cfa69ad6eeca077fb5cf3c53b19edf64d13dc017bb11c407665d84e991329269c1c19910
ssdeep: 196608:vd0b8lpi6j4KsIvOne7dMWzqhSmxgNUnSc9S+Jfar20BJLK:Ka+IMeCiqhSmPScpf50He
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14DB633B36260114DD0E6CC3A9937BEF176F21917DA52743879CA69C636325F8E603F22
sha3_384: 4ed781bd1c2d8ab6d32964e9cb502ae3ba17e8a12f5bb5b82ac3bc289b98b9e59c3a72b119dcb5a418a0e3f81812cd2b
ep_bytes: e8811d9b0032da3bcd880c140f94c2d3
timestamp: 2023-03-03 08:18:09
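The following script is an added example, not GridinSoft's, CAPE's or IObit's code. Using only the Python standard library it reproduces three of the static checks behind the behaviour list above and the hash block: the crc32/md5/sha1/sha256/sha512 values, the section-name and entropy tests that drive the two packing indicators, and whether an Authenticode blob is present in the PE security directory at all. Because the real sample is not on this page, it also constructs a stand-in PE32 (a normal .text section plus a VMProtect-style .vmp0 section of pseudo-random bytes, stamped with the compile timestamp shown above); the KNOWN_SECTIONS list, the 7.0 bits/byte entropy threshold and the sample layout are this example's assumptions. It checks only signature presence; deciding that a present signature is invalid, which is what the CAPE verdict above says, needs a PKCS#7 verifier such as osslsigncode or signtool.

```python
import hashlib
import math
import struct
import zlib
from datetime import datetime, timezone

# Section names the usual compilers/linkers emit; anything else is "unknown" in the
# sense of CAPE's signature. This list is the example's assumption, not CAPE's own.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".pdata",
                  ".rsrc", ".reloc", ".bss", ".tls", ".CRT", ".textbss"}
ENTROPY_THRESHOLD = 7.0  # bits per byte; compressed or encrypted data sits close to 8


def hashes(data: bytes) -> dict:
    """The hashes shown in File Info (ssdeep and tlsh need third-party libraries)."""
    out = {"crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"}
    out.update((a, getattr(hashlib, a)(data).hexdigest()) for a in ("md5", "sha1", "sha256", "sha512"))
    return out


def entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    return -sum(c / len(buf) * math.log2(c / len(buf)) for c in counts if c)


def parse_pe(data: bytes) -> dict:
    """DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    _, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    entry = struct.unpack_from("<I", data, opt + 16)[0]
    # Data directories begin 96 bytes into a PE32 optional header (112 for PE32+). Entry 4,
    # IMAGE_DIRECTORY_ENTRY_SECURITY, is a file offset (not an RVA) to the WIN_CERTIFICATE
    # blob; a zero entry means the file carries no Authenticode signature at all.
    sec_off, sec_size = struct.unpack_from("<II", data, opt + (96 if magic == 0x10B else 112) + 32)
    sections = []
    for i in range(nsections):
        name, _, _, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        name = name.rstrip(b"\0").decode("latin-1")
        sections.append({"name": name, "raw_size": raw_size, "known": name in KNOWN_SECTIONS,
                         "entropy": round(entropy(data[raw_ptr:raw_ptr + raw_size]), 2)})
    return {"timestamp": timestamp, "entry_point": entry,
            "has_authenticode": sec_off != 0 and sec_size != 0, "sections": sections}


def triage(data: bytes) -> dict:
    """Hashes, compile time, per-section facts and the findings a CAPE report would list."""
    pe = parse_pe(data)
    findings = []
    for s in pe["sections"]:
        if not s["known"]:
            findings.append(f"unknown section name {s['name']!r}: packer/protector likely")
        if s["raw_size"] >= 256 and s["entropy"] > ENTROPY_THRESHOLD:
            findings.append(f"section {s['name']!r} entropy {s['entropy']}: encrypted or compressed data")
    if not pe["has_authenticode"]:
        findings.append("unsigned: no Authenticode blob in the security directory")
    stamp = datetime.fromtimestamp(pe["timestamp"], tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
    return {"hashes": hashes(data), "compile_time": stamp, "sections": pe["sections"],
            "findings": findings}


def build_sample_pe(sections, timestamp=0, signed=False) -> bytes:
    """Constructed minimal PE32 so the example runs offline; not loadable, not the analysed file."""
    align = 0x200
    raw_start = -(-(64 + 4 + 20 + 224 + 40 * len(sections)) // align) * align
    table, raw, raw_ptr, va = b"", b"", raw_start, 0x1000
    for name, content in sections:
        raw_size = -(-len(content) // align) * align
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), len(content),
                             va, raw_size, raw_ptr, 0, 0, 0, 0, 0x60000020)
        raw += content.ljust(raw_size, b"\0")
        raw_ptr, va = raw_ptr + raw_size, va + 0x1000
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: PE header right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), timestamp, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)  # AddressOfEntryPoint
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, align)  # ImageBase, section/file alignment
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    sig = bytes(16) if signed else b""  # placeholder WIN_CERTIFICATE blob (presence only)
    if signed:
        struct.pack_into("<II", opt, 96 + 32, raw_start + len(raw), len(sig))
    head = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table).ljust(raw_start, b"\0")
    return head + raw + sig


# Constructed stand-in for a VMProtect-packed file: a normal .text section plus a .vmp0
# section of pseudo-random bytes, stamped with the compile timestamp shown in File Info.
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
SAMPLE = build_sample_pe([(".text", b"\x55\x8b\xec" * 100), (".vmp0", NOISE)], timestamp=1677831489)
```

On the constructed sample, triage(SAMPLE) reports compile_time 2023-03-03 08:18:09, marks .text as known and low-entropy, and lists three findings: the unknown .vmp0 section name, its entropy above the threshold, and the missing signature blob. To use it on a real file, call triage(open(path, "rb").read()); the hash values it returns should match the File Info block above, which is the quickest way to confirm you are looking at the same artefact before trusting any of the other fields.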

Version Info (self-reported by the file; because its Authenticode signature is invalid, the IObit / Advanced SystemCare attribution below is not verified):

CompanyName: IObit
FileDescription: Upgrader
FileVersion: 14.2.0.43
InternalName:
LegalCopyright: © IObit. All rights reserved.
LegalTrademarks: IObit
OriginalFilename: ASCUpgrade.exe
ProductName: Advanced SystemCare
ProductVersion: 14.0.0.0
Comments:
Translation: 0x0409 0x04e4

Ser.Lazy.2046 also known as (vendor: detection name). Most of these are generic or machine-learning verdicts; the one engine that names a concrete trait, ESET-NOD32, identifies the VMProtect packer rather than a malware family, and Sophos classifies the file as a PUA:

Bkav: W32.AIDetectNet.01
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ser.Lazy.2046
Cylance: unsafe
VIPRE: Gen:Variant.Ser.Lazy.2046
CrowdStrike: win/malicious_confidence_90% (D)
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.VMProtect.AU suspicious
APEX: Malicious
BitDefender: Gen:Variant.Ser.Lazy.2046
Avast: Win32:Evo-gen [Trj]
Emsisoft: Gen:Variant.Ser.Lazy.2046 (B)
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.717a76ff51d6202f
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1254260
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Ser.Lazy.D7FE
GData: Gen:Variant.Ser.Lazy.2046
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Ser.Lazy.2046
MAX: malware (ai score=85)
Malwarebytes: Spyware.PasswordStealer.Generic
Rising: Trojan.Generic@AI.99 (RDML:/oN22yweV7Crq3pY4URSXA)
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaF.36308.@F0@aSOqWKni
AVG: Win32:Evo-gen [Trj]

How to remove Ser.Lazy.2046?

Ser.Lazy.2046 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings” (this also reverts the proxy changes noted above).
  • Select the affected browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.