About “Ser.Zusy.4277” infection

Ser.Zusy.4277 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the Ser.Zusy.4277 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Ser.Zusy.4277?

File Info:

name: D2F60B9061F278EDB5D5.mlw
path: /opt/CAPEv2/storage/binaries/52d79a503461a5e4bfed7f0e6afd808413007a14377ce80208c1615faca98fdc
crc32: 91BE3BC5
md5: d2f60b9061f278edb5d5a5b296ceb810
sha1: 43cc2d42e4cf954cb0e4807ffefb04883e81f081
sha256: 52d79a503461a5e4bfed7f0e6afd808413007a14377ce80208c1615faca98fdc
sha512: f6cede580425470727127b99044cf2513b09b9f30c24076c67da6138fddb63aaf50ca94b3dd2bb4ec6f609d4daecdb58b8c339aa76104beb665bbb08ed04875b
ssdeep: 6144:b3low1Ds1l58hUllLVd/+Vo3lEVm6+ysc:b3lLs1l58hULLVp+Vi2Vm6+0
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T10B744F3BEB85F1C2FF49963C76D364AF2CEE7A7A02A5106509014256349DF7039E0BB9
sha3_384: 45de35b1c08e33de26fb45c8162347ce98464210221e1754d1265fdc0157aadcb16a7aabb8dedea9c8b8857e01f066bc
ep_bytes: e8653c0000e9a4feffffcccccccc8b4c
timestamp: 2023-05-06 19:12:19

Version Info:

Comments: zcY63T9QiurpeWdzEjyz
CompanyName: Oracle Corporation
FileDescription: Oracle Corporation Product
FileVersion: 7.68.31.730
InternalName: eHPvzS9lXA
LegalCopyright:
LegalTrademarks:
OriginalFilename: itg7FRX6xz
ProductName: OqBclr2y2JkcbPYgUR1C
ProductVersion: 7.68.31.730
Translation: 0x081a 0x081a

Ser.Zusy.4277 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
Malwarebytes: Spyware.RedLineStealer
K7AntiVirus: Trojan ( 005a37211 )
K7GW: Trojan ( 005a37211 )
ESET-NOD32: a variant of Win32/Kryptik.HSYN
APEX: Malicious
Kaspersky: VHO:Backdoor.Win32.Agent.gen
BitDefender: Gen:Variant.Ser.Zusy.4277
NANO-Antivirus: Virus.Win32.Gen.ccmw
MicroWorld-eScan: Gen:Variant.Ser.Zusy.4277
Avast: PWSX-gen [Trj]
Rising: Trojan.Generic@AI.94 (RDMK:cmRtazoeOvfTkQ+jAEMB1dlez8Yk)
Emsisoft: Gen:Variant.Ser.Zusy.4277 (B)
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.d2f60b9061f278ed
MAX: malware (ai score=82)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Ser.Zusy.D10B5
ZoneAlarm: VHO:Backdoor.Win32.Agent.gen
GData: Gen:Variant.Ser.Zusy.4277
VBA32: BScope.TrojanSpy.Bobik
Cylance: unsafe
MaxSecure: PSW.W32.Coins.gen_265938
BitDefenderTheta: Gen:NN.ZexaCO.36196.vq2@aGRn3lki
AVG: PWSX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Ser.Zusy.4277?

Ser.Zusy.4277 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.