Ser.Razy.495 (file analysis)

The Ser.Razy.495 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Ser.Razy.495 virus can do?

Expresses interest in specific running processes
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Attempts to repeatedly call a single API many times in order to delay analysis time
Steals private information from local Internet browsers
Attempts to access Bitcoin/ALTCoin wallets
Harvests credentials from local FTP client softwares
Harvests information related to installed instant messenger clients
Collects information to fingerprint the system

Related domains:

www.bing.com

www.eyeover.it

How to determine Ser.Razy.495?


File Info:
crc32: 4B02B130
md5: 750fbf1831dd7d271b5838c013d62221
name: lol.exe
sha1: bbc85a50b253112c13e13ba9b67be53d6f66f89d
sha256: d0711bd86c081c1a531607b105e2ac6fe058dda503b6853e9cba03d310ba1d16
sha512: 8b6ea1d2b7faa87c09b0f658738164768bc37489059f6962a668af4c4877990a73e7cd859960b850c5355dae30d55442eeb64564ea8dc22fd224366478c0cb96
ssdeep: 1536:5P+usQdxmHStgdxF8HBLL/SbCr9BFTpG8JGU8YVTPMVuN:t+usQhWTFIBLL+c9VJrN2VuN
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Ser.Razy.495 also known as:

Bkav	W32.AIDetectVM.malware1
DrWeb	Trojan.PWS.Stealer.25040
MicroWorld-eScan	Gen:Variant.Ser.Razy.495
FireEye	Generic.mg.750fbf1831dd7d27
Qihoo-360	Generic/HEUR/QVM20.1.6755.Malware.Gen
McAfee	GenericRXHU-GR!750FBF1831DD
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Spyware ( 0053d5ad1 )
BitDefender	Gen:Variant.Ser.Razy.495
K7GW	Spyware ( 0053d5ad1 )
Cybereason	malicious.831dd7
Invincea	heuristic
BitDefenderTheta	Gen:NN.ZexaF.34130.euW@a8ijgpn
Cyren	W32/Trojan.CAAX-0370
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
GData	Gen:Variant.Ser.Razy.495
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	TrojanSpy:Win32/Generic.92164f87
NANO-Antivirus	Trojan.Win32.Stealer.frdnip
AegisLab	Trojan.Win32.Generic.4!c
Rising	Spyware.Agent!8.C6 (CLOUD)
Ad-Aware	Gen:Variant.Ser.Razy.495
Emsisoft	Gen:Variant.Ser.Razy.495 (B)
Comodo	Malware@#t0bo20rbshzq
F-Secure	Trojan.TR/AD.Khalesi.kevpd
Zillya	Trojan.Agent.Win32.1300119
TrendMicro	TROJ_GEN.R002C0PG320
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan-Spy.Agent
Jiangmin	Trojan.Generic.dkuxp
Webroot	W32.Trojan.Gen
Avira	TR/AD.Khalesi.kevpd
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Win32.Fuerboos
Endgame	malicious (high confidence)
Arcabit	Trojan.Ser.Razy.495
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Occamy.C
AhnLab-V3	Malware/Win32.Generic.C2792519
Acronis	suspicious
VBA32	BScope.Trojan.Fuerboos
ALYac	Gen:Variant.Ser.Razy.495
Malwarebytes	Spyware.PasswordStealer
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Spy.Agent.PNJ
TrendMicro-HouseCall	TROJ_GEN.R002C0PG320
Tencent	Win32.Trojan.Generic.Aeod
Yandex	Trojan.Agent!xn73LY1TkUg
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Generic.AC.453F64
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Ser.Razy.495?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Ser.Razy.495 (file analysis)