Zusy.297650 malicious file

The Zusy.297650 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.297650 virus can do?

Creates RWX memory
Reads data out of its own binary image
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs
Creates a slightly modified copy of itself

How to determine Zusy.297650?


File Info:
crc32: 70693CB2
md5: bdcb9946c685f08561ea45b37068e0b5
name: BDCB9946C685F08561EA45B37068E0B5.mlw
sha1: 890b777154849e26a527b2eb502b6f3ccb4129bb
sha256: 10648e7ab3e5623de3a63300fad53d594430e7ce37e51f626ef4edcec8de89ba
sha512: 6ce017d0a768287cf58195e83057f78091deb424e10f5c20a416470db5a88336079e4ad7499cca7cd4b8de64e6357992ff2dcbeb37aee87e0b004795d0dc2004
ssdeep: 24576:hxY3NtGUmJr+4Obxd+tPZSZyiE6EhE9xY3NtGUmJr+4Obxd+tPZSZAiE6EhE7:LY3buzMt0IY3buzMz0E
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Zusy.297650 also known as:

Bkav	W32.AIDetectVM.malware
K7AntiVirus	Trojan-Downloader ( 0001b7311 )
DrWeb	Trojan.PWS.Gamania.10780
MicroWorld-eScan	Gen:Variant.Zusy.297650
ALYac	Gen:Variant.Zusy.297650
Cylance	Unsafe
Zillya	Trojan.Banker.Win32.55
Sangfor	Malware
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	TrojanSpy:Win32/Banker.e4b54340
K7GW	Trojan-Downloader ( 0001b7311 )
Cybereason	malicious.6c685f
TrendMicro	TROJ_FAM_0000747.TOMA
Cyren	W32/Trojan.ORSB-8183
Symantec	Trojan.FakeAV
ESET-NOD32	a variant of Win32/TrojanDownloader.FakeAlert.VA
Zoner	Trojan.Win32.89386
APEX	Malicious
TotalDefense	Win32/Oneraw.JJ
Avast	Win32:Trojan-gen
ClamAV	Win.Trojan.Bancos-17785
GData	Win32.Trojan.FakeAV.Q
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Zusy.297650
NANO-Antivirus	Trojan.Win32.Banker.oygn
ViRobot	Trojan.Win32.Banker.766787
SUPERAntiSpyware	Trojan.Agent/Gen-DownloaderBanload
Tencent	Malware.Win32.Gencirc.10b07a10
Ad-Aware	Gen:Variant.Zusy.297650
Sophos	Mal/Banker-F
Comodo	TrojWare.Win32.TrojanDownloader.Banload.~AHI@7lad3
F-Secure	Trojan.TR/Delf.865208
BitDefenderTheta	Gen:NN.ZelphiF.34108.LHZ@ayJW84gO
VIPRE	Trojan.Win32.Generic!BT
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.th
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.bdcb9946c685f085
Emsisoft	Gen:Variant.Zusy.297650 (B)
SentinelOne	DFI – Suspicious PE
F-Prot	W32/Trojan2.JTRU
Endgame	malicious (high confidence)
Webroot	W32.Trojan.Gen
Avira	TR/Delf.865208
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan[Banker]/Win32.Banker
Microsoft	TrojanSpy:Win32/Banker.LY
Jiangmin	TrojanSpy.Banker.rxi
Arcabit	Trojan.Zusy.D48AB2
AegisLab	Trojan.Win32.Generic.4!e
ZoneAlarm	HEUR:Trojan.Win32.Generic
TACHYON	Banker/W32.DP-Pharm.1663125
AhnLab-V3	Trojan/Win32.Banker.R8976
Acronis	suspicious
McAfee	FakeAV-DR
MAX	malware (ai score=86)
VBA32	TrojanPSW.Gamania
Malwarebytes	Trojan.Banker
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_FAM_0000747.TOMA
Rising	Downloader.FakeAlert!8.4FF (CLOUD)
Yandex	Trojan.PWS.Banker!at4P5MVsOAQ
Ikarus	Trojan-Banker.Win32.Banker
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	W32/FAKEAV.Q!tr
AVG	Win32:Trojan-gen
Qihoo-360	Generic/HEUR/QVM05.1.FD6C.Malware.Gen

How to remove Zusy.297650?

Zusy.297650 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X