Zusy.2323 (file analysis)

Zusy.2323 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.2323 virus do?

  • Sample contains overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • CAPE detected the "shellcode get eip" malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Zusy.2323?

File Info:

name: D74BBE5629602FFCF3CF.mlw
path: /opt/CAPEv2/storage/binaries/02418a66175a94da67e98f2a16c8522371f06957e4af63c29feb63779ef3734f
crc32: 46B570D6
md5: d74bbe5629602ffcf3cf5ff26e1c86d9
sha1: 2481d53482587ade594b8182f68b20a5e7d89916
sha256: 02418a66175a94da67e98f2a16c8522371f06957e4af63c29feb63779ef3734f
sha512: a81a0542e063fef3c2d51eea44e8930524d3b313c959b5c7508a76c54ec78269eb22aa106949fe3b931e9ed246e8e615ce7f4c2f123d726b4748d81caeee8d03
ssdeep: 3072:7OZnuQq5hlJCalDoG6MyeY/mDi/61ulAnKqn5lxoUgoMJYa4mOmVkLrOWjrA:l5hDCrMyeY/mDXnneU7MR4mOrLaWjrA
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T13434BE22F556C5B1C48D127C0987137DA33EAC01AF615AE39B48FB6DA9723D09E36287
sha3_384: 3c368cf6e0af8ebb6a2e072b32d0af958552666550f7bd1e3708214a7285f8ad39aa7dacb74499465f7d30aa583aa2cb
ep_bytes: 6a0c68305c0110e87901000033c04089
timestamp: 2010-09-27 09:21:28

Version Info:

CompanyName: Beijing Angels Technology ltd.
FileDescription: IE Media Object
FileVersion: 1.0.0.1
InternalName: BHO.dll
LegalCopyright: Beijing Angels Technology ltd. All rights reserved.
OriginalFilename: b.dll
ProductName: IE Media Object
ProductVersion: 1.0.0.1
Translation: 0x0804 0x03a8

Zusy.2323 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Kykymber.lmDX
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.2323
FireEye: Generic.mg.d74bbe5629602ffc
Skyhigh: BehavesLike.Win32.Infected.dh
McAfee: GenericRXAC-BO!D74BBE562960
Cylance: unsafe
Zillya: Adware.BHO.Win32.4355
Sangfor: Suspicious.Win32.Save.ins
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: TrojanDownloader:Win32/Adnur.3288e2bf
K7GW: Adware ( 004faa4d1 )
K7AntiVirus: Adware ( 004faa4d1 )
BitDefenderTheta: Gen:NN.ZedlaF.36802.om@@aezWtFlj
VirIT: Adware.Win32.Benega.EHT
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Adware.WSearch.AQ
APEX: Malicious
TrendMicro-HouseCall: TROJ_AGENT_008173.TOMB
ClamAV: Win.Adware.Bho-2009
Kaspersky: Trojan-Downloader.Win32.Adnur.won
BitDefender: Gen:Variant.Zusy.2323
NANO-Antivirus: Riskware.Win32.BHO.dusqx
Avast: Win32:BHO-ADO [Adw]
Tencent: Malware.Win32.Gencirc.1165d223
Sophos: Troj/BHO-QJ
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Adware.Benega.2905
VIPRE: Gen:Variant.Zusy.2323
TrendMicro: TROJ_AGENT_008173.TOMB
Emsisoft: Gen:Variant.Zusy.2323 (B)
Ikarus: Trojan-Downloader.Win32.Adnur
Jiangmin: Adware/BHO.bue
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Varist: W32/AdLoad.I.gen!Eldorado
Antiy-AVL: GrayWare[AdWare]/Win32.BHO
Kingsoft: Win32.Troj.Undef.a
Microsoft: PUA:Win32/Bitrepeyp.B
Xcitium: TrojWare.Win32.TrojanProxy.Puma.jsjg@3gzr6m
Arcabit: Trojan.Zusy.D913
ZoneAlarm: Trojan-Downloader.Win32.Adnur.won
GData: Win32.Trojan.PSE.N540AG
Cynet: Malicious (score: 100)
VBA32: Trojan.BHORA
ALYac: Gen:Variant.Zusy.2323
MAX: malware (ai score=90)
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Backdoor.Win32.Undef.gxf (CLASSIC)
Yandex: Trojan.GenAsa!iKSPMWaHhcQ
SentinelOne: Static AI – Malicious PE
Fortinet: Adware/BHO
AVG: Win32:BHO-ADO [Adw]
DeepInstinct: MALICIOUS
alibabacloud: Trojan

How to remove Zusy.2323?

Zusy.2323 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
