Zusy.308549 information

The Zusy.308549 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.308549 virus can do?

Executable code extraction
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
Attempts to repeatedly call a single API many times in order to delay analysis time
Steals private information from local Internet browsers
Attempts to modify proxy settings

Related domains:

z.whorecord.xyz

a.tomx.xyz

freekzvideo.cloud

How to determine Zusy.308549?


File Info:
crc32: A7E0C18D
md5: 9bd9d6c09671cf2e2cac6e00afcc7412
name: id10.exe
sha1: 69816634a77fa573b96b6c6762f32f871501ef02
sha256: dfbc9750f6416f4f7dfa25171440ddcdf057f802ebdae076d0c301e4f755f216
sha512: ae15292598fd61125bf5ead2c4bcd4bc4be6bde7bfbf42cfb279c808e742b7dafd51fd40fc57c3e66bb9dc57718386dd178992ca2404b587337021d91d9fc5f8
ssdeep: 24576:nkZuFI6bN+4Nq/3npDA0roy7ofvEQXclyAnge3/EB:kZ5ON+4NgdAADJlRnp3/EB
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: x7248x6743x6240x6709 (C) 2020
InternalName: abc
FileVersion: 1, 0, 0, 1
CompanyName: 
LegalTrademarks: 
ProductName: abc x5e94x7528x7a0bx5e8f
ProductVersion: 1, 0, 0, 1
FileDescription: abc Microsoft x57fax7840x7c7bx5e94x7528x7a0bx5e8f
OriginalFilename: abc.EXE
Translation: 0x0804 0x04b0

Zusy.308549 also known as:

MicroWorld-eScan	Gen:Variant.Zusy.308549
FireEye	Generic.mg.9bd9d6c09671cf2e
McAfee	GenericRXLC-BX!9BD9D6C09671
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Gen:Variant.Zusy.308549
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_90% (W)
TrendMicro	TROJ_GEN.R002C0DFK20
Baidu	Win32.Trojan.Farfli.bc
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Trojan-gen
Kaspersky	Trojan-PSW.Win32.Stealer.dgr
Alibaba	TrojanPSW:Win32/Stealer.c637aac0
NANO-Antivirus	Trojan.Win32.Stealer.hmldna
AegisLab	Trojan.Win32.Stealer.i!c
Tencent	Malware.Win32.Gencirc.10cdd7ad
Endgame	malicious (high confidence)
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Bulta.xjhfh
DrWeb	Trojan.Siggen9.55204
Zillya	Trojan.GenKryptik.Win32.49802
Fortinet	W32/Stealer.DGR!tr.pws
Emsisoft	Gen:Variant.Zusy.308549 (B)
Ikarus	Trojan.Win32.Bulta
Cyren	W32/Trojan.UDJW-2715
Jiangmin	Trojan.PSW.Stealer.im
Avira	TR/Bulta.xjhfh
MAX	malware (ai score=83)
Antiy-AVL	Trojan[PSW]/Win32.Stealer
Arcabit	Trojan.Zusy.D4B545
SUPERAntiSpyware	Trojan.Agent/Gen-Bulta
ZoneAlarm	Trojan-PSW.Win32.Stealer.dgr
Microsoft	Trojan:Win32/Bulta!rfn
Cynet	Malicious (score: 100)
VBA32	TrojanPSW.Stealer
ALYac	Gen:Variant.Zusy.308549
Ad-Aware	Gen:Variant.Zusy.308549
Malwarebytes	Backdoor.Bot
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/GenKryptik.EMSU
TrendMicro-HouseCall	TROJ_GEN.R002C0DFK20
Rising	Trojan.Bulta!8.35D (CLOUD)
Yandex	Trojan.Agent!2bNTYzhUOmU
SentinelOne	DFI – Suspicious PE
GData	Gen:Variant.Zusy.308549
BitDefenderTheta	Gen:NN.ZexaF.34138.dr0@a4AIWIbb
AVG	Win32:Trojan-gen
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.PSW.c77

How to remove Zusy.308549?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.