Zusy.226158 information

Zusy.226158 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.226158 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Attempts to remove evidence of a file having been downloaded from the Internet
  • Executed a process and injected code into it, probably while unpacking
  • Exhibits behavior characteristic of iSpy Keylogger
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Zusy.226158?

File Info:

crc32: 68E7563E
md5: 1c6266e69020aabc14bf9874edd62947
name: 1C6266E69020AABC14BF9874EDD62947.mlw
sha1: df50672f4e48ca305d59e20994add97c29cafed0
sha256: d6edc843d97cf6e7300675795e444905429f5717e617e6d465cc82a93603c90d
sha512: b67af168657cef24ec7922a2607909f9177ecb4b95db32b3455a3bbfb1ba8972455177254527b5bc90c9c9d6c0a9cc3bc3123474078303db2b7ee9a12be2005c
ssdeep: 3072:o5y7mW3gER/QnEt4+vkBxjgBDgA49uehnS+xSIFIi:cy7mW35Qn24+U1gBD/yohI
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright:
Assembly Version: 2.5.1.66
InternalName: EvoLine.exe
FileVersion: 2.5.1.66
Comments:
ProductVersion: 2.5.1.66
FileDescription: Retail Demo Service
OriginalFilename: EvoLine.exe
Translation: 0x0000 0x04b0

Zusy.226158 also known as:

  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Zusy.226158
  • FireEye: Generic.mg.1c6266e69020aabc
  • CAT-QuickHeal: Trojan.MSIL
  • McAfee: GenericRXBF-NA!1C6266E69020
  • Cylance: Unsafe
  • VIPRE: Trojan.Win32.Generic!BT
  • AegisLab: Trojan.MSIL.Disfa.4!c
  • Sangfor: Malware
  • K7AntiVirus: Trojan ( 005700551 )
  • BitDefender: Gen:Variant.Zusy.226158
  • K7GW: Trojan ( 005700551 )
  • Cybereason: malicious.69020a
  • BitDefenderTheta: Gen:NN.ZemsilF.34804.im0@aeWEiSm
  • Cyren: W32/Trojan.SW.gen!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • APEX: Malicious
  • Avast: Win32:Malware-gen
  • Kaspersky: Trojan.MSIL.Disfa.ltqh
  • Alibaba: Trojan:MSIL/Disfa.54834c6a
  • ViRobot: Trojan.Win32.Z.Zusy.132096.BK
  • Ad-Aware: Gen:Variant.Zusy.226158
  • Emsisoft: Gen:Variant.Zusy.226158 (B)
  • Comodo: Malware@#2h2ww66doy2b9
  • F-Secure: Heuristic.HEUR/AGEN.1129560
  • DrWeb: Trojan.DownLoader23.56310
  • Zillya: Trojan.Injector.Win32.823022
  • TrendMicro: TROJ_GEN.R002C0PAP21
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
  • Sophos: Mal/Generic-S
  • SentinelOne: Static AI – Malicious PE
  • Avira: HEUR/AGEN.1129560
  • MAX: malware (ai score=100)
  • Antiy-AVL: Trojan/Win32.TSGeneric
  • Microsoft: Backdoor:MSIL/Bladabindi
  • Arcabit: Trojan.Zusy.D3736E
  • ZoneAlarm: Trojan.MSIL.Disfa.ltqh
  • GData: Gen:Variant.Zusy.226158
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win32.Crypt.C1859148
  • Acronis: suspicious
  • ALYac: Gen:Variant.Zusy.226158
  • Malwarebytes: Trojan.PasswordStealer
  • Panda: Trj/CI.A
  • ESET-NOD32: a variant of MSIL/Injector.RNI
  • TrendMicro-HouseCall: TROJ_GEN.R002C0PAP21
  • Ikarus: Trojan.MSIL.Injector
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: MSIL/Injector.RND!tr
  • AVG: Win32:Malware-gen
  • Paloalto: generic.ml
  • CrowdStrike: win/malicious_confidence_100% (D)
  • Qihoo-360: Generic/Trojan.f58

How to remove Zusy.226158?

Zusy.226158 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
