Ser.Razy.14306 information

Ser.Razy.14306 is the detection name that BitDefender and the engines sharing its Gen:Variant naming give to the sample described on this page (see the vendor list below); most other vendors classify the same file as a trojan-downloader. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing malware manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for removal; it allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can Ser.Razy.14306 do?

The following behavioural signatures were raised when the sample was detonated in the CAPEv2 sandbox (the storage path under File Info below is CAPE's); together they describe a packed binary that resists analysis, fingerprints the host and persists at startup:

  • Behavioural detection: executable code extraction (unpacking)
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump, dropped files or CAPE
  • Guard page use detected (possible anti-debugging)
  • A process attempted to delay the analysis task
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Collects and encrypts information about the computer, likely to be sent to a C2 server
  • Installs itself for autorun at Windows startup
  • Collects information about installed applications
  • Detects Bochs through the presence of a registry key
  • Checks the BIOS version, possibly for anti-virtualization
  • Attempted to write directly to a physical drive
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Ser.Razy.14306?

The hashes below identify the exact file analysed; the ep_bytes value (push imm32; call rel32, i.e. 68 xx xx xx xx E8 xx xx xx xx) is the standard entry stub of a Visual Basic 6 executable, which agrees with the ".VB" family names assigned by several vendors.
File Info:

name: 7ABC5042D0660CD07A6A.mlw
path: /opt/CAPEv2/storage/binaries/69055236df30a32f08fd4bd20b4c550d25fd1812b26999325743f36c3ad1cf5c
crc32: 0A75F33A
md5: 7abc5042d0660cd07a6a4c1db7b85cfa
sha1: c7f8fb8a76f14ca1c59d54780dbbfe8e21c0eb98
sha256: 69055236df30a32f08fd4bd20b4c550d25fd1812b26999325743f36c3ad1cf5c
sha512: be46ae1795498f1558f343451eb241673b404782e40aacfeebe52be13a7d0b5b1d96287faa1447787ebec50df9414b1df0077c7a2c41f03c553f1bff53d9980e
ssdeep: 1536:/e8f9n8TEwPi4Uhqv+Wl3suiUhv40j34:9fJ8AwP9UhqvvlVXv40M
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T109837227F919E02AD1ADC5F02824D95638212D372E989E47A38C4F7829B15E77CF172F
sha3_384: b0178582d9c0adeafc66e5e7c132fc9c3c42cf08fe9efb339acbaca648ea1ef5a882fde7301f67d7d8d9c88f7a9de737
ep_bytes: 68cc244000e8eeffffff000000000000
timestamp: 2017-01-27 06:13:01

Version Info (embedded resource strings; these are chosen by whoever built the file and are not evidence of origin, and the Authenticode signature on this sample is invalid):

Translation: 0x0409 0x04b0
CompanyName: Royal Boskalis Westminster
ProductName: Windows Visualizers
FileVersion: 6.00
ProductVersion: 6.00
InternalName: jkmss
OriginalFilename: jkmss.exe
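To check a file you hold against the File Info block above, and to confirm that the entry bytes are the Visual Basic 6 startup stub, here is an added Python triage script. It is an example written for this page, not CAPE's or GridinSoft's code. It uses only the standard library, so ssdeep and tlsh are not reproduced; the hash and ep_bytes constants are copied from the page, and `build_stub_pe` constructs a minimal PE32 fixture so the parser can be exercised offline without the real sample.

```python
"""Triage helper for the File Info block: hash a PE32 file, parse the headers
behind 'type', 'timestamp' and 'ep_bytes', and decode the entry stub.
Added example, not CAPE's or GridinSoft's code; standard library only."""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied from the page's File Info block.
PAGE_INDICATORS = {
    "md5": "7abc5042d0660cd07a6a4c1db7b85cfa",
    "sha256": "69055236df30a32f08fd4bd20b4c550d25fd1812b26999325743f36c3ad1cf5c",
    "ep_bytes": "68cc244000e8eeffffff000000000000",
}


def file_hashes(data: bytes) -> dict:
    """Hex digests in the same form CAPE prints them (crc32 upper-case)."""
    return {
        "crc32": "%08X" % (zlib.crc32(data) & 0xFFFFFFFF),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def pe_summary(data: bytes) -> dict:
    """Parse DOS/COFF/optional headers of a PE32 image and read 16 entry bytes."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsections, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 optional header")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    image_base = struct.unpack_from("<I", data, opt + 28)[0]
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    entry_off = None
    sec = opt + opt_size                      # first IMAGE_SECTION_HEADER
    for _ in range(nsections):                # map entry RVA to a file offset
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sec + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            entry_off = rawptr + (entry_rva - vaddr)
            break
        sec += 40
    if entry_off is None:
        raise ValueError("entry point outside all sections")
    return {
        "machine": machine,                   # 0x14C = Intel 80386
        "subsystem": subsystem,               # 2 = GUI, 3 = console
        "timestamp": datetime.fromtimestamp(tstamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_va": image_base + entry_rva,
        "ep_bytes": data[entry_off:entry_off + 16].hex(),
    }


def decode_entry_stub(ep_bytes: bytes, entry_va: int) -> dict:
    """Decode 'push imm32; call rel32'.  In a VB6 binary the pushed value is the
    VB header address and the call reaches MSVBVM60!ThunRTMain via the IAT."""
    if len(ep_bytes) < 10 or ep_bytes[0] != 0x68 or ep_bytes[5] != 0xE8:
        return {"vb6_stub": False}
    push_imm = struct.unpack_from("<I", ep_bytes, 1)[0]
    rel32 = struct.unpack_from("<i", ep_bytes, 6)[0]
    return {"vb6_stub": True, "push_imm": push_imm, "call_target": entry_va + 10 + rel32}


def triage(data: bytes) -> dict:
    """Combine the checks and say whether the file is the page's sample."""
    hashes, summary = file_hashes(data), pe_summary(data)
    return {
        "hashes": hashes, "pe": summary,
        "stub": decode_entry_stub(bytes.fromhex(summary["ep_bytes"]), summary["entry_va"]),
        "matches_page_hashes": hashes["sha256"] == PAGE_INDICATORS["sha256"],
        "ep_bytes_match": summary["ep_bytes"] == PAGE_INDICATORS["ep_bytes"],
    }


def build_stub_pe(timestamp: int, ep_bytes: bytes) -> bytes:
    """Constructed, non-runnable PE32 fixture with one section (not the sample)."""
    image_base, entry_rva, raw_ptr = 0x400000, 0x1000, 0x200
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, timestamp, 0, 0, 224, 0x0102)
    opt = struct.pack("<HBBIIIIIII", 0x10B, 6, 0, 0x200, 0, 0, entry_rva, 0x1000, 0x2000, image_base)
    opt += struct.pack("<IIHHHHHHIIIIHHIIIIII", 0x1000, 0x200, 4, 0, 0, 0, 4, 0,
                       0, 0x2000, 0x200, 0, 2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"\0" * 128                                            # empty data directories
    sect = b".text".ljust(8, b"\0") + struct.pack("<IIIIIIHHI", 0x1000, entry_rva, 0x200, raw_ptr, 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + opt + sect).ljust(raw_ptr, b"\0")
    return headers + ep_bytes.ljust(0x200, b"\0")


if __name__ == "__main__":
    # Fixture with the page's timestamp (2017-01-27 06:13:01 UTC) and ep_bytes.
    fixture = build_stub_pe(1485497581, bytes.fromhex(PAGE_INDICATORS["ep_bytes"]))
    for key, value in triage(fixture).items():
        print(key, value)
```

Run it against a real file by replacing the fixture with `open(path, "rb").read()`; `matches_page_hashes` is True only for the exact sample, while `ep_bytes_match` and `stub["vb6_stub"]` will also be True for other VB6 binaries that happen to share the same 16 entry bytes, so treat them as family hints, not identity.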

Ser.Razy.14306 is also known as (vendor: detection name):

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Ser.Razy.14306
ALYac: Gen:Variant.Ser.Razy.14306
Cylance: Unsafe
VIPRE: Gen:Variant.Ser.Razy.14306
Sangfor: Trojan.Win32.VB.RBO
K7AntiVirus: Trojan-Downloader ( 005047831 )
Alibaba: TrojanDownloader:Win32/Generic.913e325a
K7GW: Trojan-Downloader ( 005047831 )
Cybereason: malicious.2d0660
Cyren: W32/Delf.XHJO-4701
Symantec: Trojan.Gen.2
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.VB.RBO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Ser.Razy.14306
NANO-Antivirus: Trojan.Win32.VB.embrra
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Ser.Razy.14306
Emsisoft: Gen:Variant.Ser.Razy.14306 (B)
Comodo: Malware@#39i8nyj3ialja
DrWeb: Trojan.DownLoader23.63845
Zillya: Downloader.VB.Win32.101724
TrendMicro: BKDR_DELF.XXVR
McAfee-GW-Edition: GenericRXCE-JE!7ABC5042D066
FireEye: Generic.mg.7abc5042d0660cd0
Ikarus: Trojan-Downloader.Win32.VB
GData: Gen:Variant.Ser.Razy.14306
Jiangmin: Trojan.Generic.gcsrn
Avira: HEUR/AGEN.1239408
MAX: malware (ai score=94)
Antiy-AVL: Trojan/Generic.ASMalwS.9E
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Arcabit: Trojan.Ser.Razy.D37E2
Microsoft: Trojan:Win32/Occamy.C69
McAfee: GenericRXCE-JE!7ABC5042D066
VBA32: Trojan.Downloader
TrendMicro-HouseCall: BKDR_DELF.XXVR
Rising: Downloader.VB!8.1EB (C64:YzY0OhBMDcVtD3Ox)
Yandex: Trojan.GenAsa!OJW8ZwKpcRU
SentinelOne: Static AI – Malicious PE
Fortinet: W32/VB.RBO!tr.dldr
BitDefenderTheta: Gen:NN.ZevbaF.34806.fm0@aucPzAoi
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

The names that carry a family are consistent: ESET, Sangfor, Fortinet, Ikarus, Zillya, Rising and K7 all call it a Visual Basic downloader (VB.RBO, TrojanDownloader.VB), and Cyren and TrendMicro use their Delf naming for the same kind of file; the generic Gen:Variant, Malware-gen and machine-learning verdicts add no further family information.

How to remove Ser.Razy.14306?

Ser.Razy.14306 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.
  • After the restart, run the scan again: the sample installs itself for autorun at Windows startup, so a clean second scan confirms that the persistence entry is gone as well as the file.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.