The Zusy.308797 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What Zusy.308797 (B) virus can do?
File Info:
name: 507E07D0EB81F99795DD.mlwpath: /opt/CAPEv2/storage/binaries/9e55c05ea7bfac5fdb3ef4ac0592c703218e5ac12bce8d2097746e75e506a962crc32: D0D92028md5: 507e07d0eb81f99795dd31504e339ae7sha1: c887ee1bc790411e7c22ceed05d1b1333e68c308sha256: 9e55c05ea7bfac5fdb3ef4ac0592c703218e5ac12bce8d2097746e75e506a962sha512: 3c2953c6094de34064fa4eab67912290c40c4d8f1a4577020e34dcc8d3d8a7ef2469cc90993446a260eaf907257c69ad551ef9de90d7cec42a47690e7dcafa6essdeep: 12288:i2ToLD2QfWUEknSsmjj/UVF4TDS4rx7hkTjMVJK1P5aEL3KuyhxoeVsc:ikuPfWsnnw/UV+DS4rxNEMVcRaw2v1type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T117255B3AAF8A9136D96234BC4C5FC1D4941D3D312C585B87FF81AF4C7E76652232AA83sha3_384: a096ed8b6966c75dd8d2840fb120da5081f87bec5ad6d1c2902d9e620c7cfc84d496baa551fe1308d65b27ae370c0a0fep_bytes: 558bec83c4f05356b81c991100e83ad3timestamp: 1992-06-19 22:22:17Version Info:
CompanyName: Work ConnectionFileDescription: Net Driver ConnectionFileVersion: 1.0.0.61InternalName: LegalCopyright: LegalTrademarks: Work ConnectionOriginalFilename: ProductName: ProductVersion: 1.0.0.0Translation: 0x0416 0x04e4
Bkav | W32.AIDetectMalware |
Elastic | malicious (high confidence) |
MicroWorld-eScan | Gen:Variant.Zusy.308797 |
FireEye | Generic.mg.507e07d0eb81f997 |
CAT-QuickHeal | Trojan.Dorv |
McAfee | PWS-Banker.gen.ez |
Malwarebytes | Generic.Trojan.Delf.DDS |
VIPRE | Gen:Variant.Zusy.308797 |
Sangfor | Trojan.Win32.Save.a |
K7AntiVirus | Spyware ( 004bfe9d1 ) |
Alibaba | Malware:Win32/km_2e2d0e2.None |
K7GW | Spyware ( 004bfe9d1 ) |
Cybereason | malicious.0eb81f |
BitDefenderTheta | Gen:NN.ZelphiF.36196.8G0@auv89coG |
VirIT | Trojan.Win32.Banker6.CIJ |
Cyren | W32/Banker.V.gen!Eldorado |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | Win32/Spy.Banker.WGA |
APEX | Malicious |
ClamAV | Win.Trojan.Netmail-9844910-0 |
Kaspersky | Backdoor.Win32.NetMail.a |
BitDefender | Gen:Variant.Zusy.308797 |
NANO-Antivirus | Trojan.Win32.NetMail.cndhca |
Avast | Win32:Evo-gen [Trj] |
Tencent | Backdoor.Win32.NetMail.ha |
TACHYON | Trojan/W32.DP-Agent.988160 |
Emsisoft | Gen:Variant.Zusy.308797 (B) |
F-Secure | Trojan.TR/Zusy.9881605548 |
DrWeb | Trojan.DownLoader4.61273 |
Zillya | Trojan.Banker.Win32.53195 |
TrendMicro | Backdoor.Win32.NETMAIL.SMTH |
McAfee-GW-Edition | BehavesLike.Win32.PWSBanker.dh |
Sophos | Troj/Agent-BCNT |
SentinelOne | Static AI – Suspicious PE |
GData | Win32.Trojan-Stealer.Banker.AK |
Jiangmin | Backdoor/NetMail.a |
Detected | |
Avira | TR/Zusy.9881605548 |
Antiy-AVL | Trojan[Backdoor]/Win32.NetMail |
Xcitium | TrojWare.Win32.Spy.Banker.VIS@8ekceg |
Arcabit | Trojan.Zusy.D4B63D |
ZoneAlarm | Backdoor.Win32.NetMail.a |
Microsoft | Trojan:Win32/Dorv.B!rfn |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win32.Agent.C64982 |
VBA32 | Backdoor.NetMail |
ALYac | Gen:Variant.Zusy.308797 |
MAX | malware (ai score=84) |
Cylance | unsafe |
Panda | Trj/Dtcontx.I |
Zoner | Trojan.Win32.88740 |
TrendMicro-HouseCall | Backdoor.Win32.NETMAIL.SMTH |
Rising | Ransom.Blocker!8.12A (KTSE) |
Yandex | Backdoor.NetMail!pG6fLhj3QoI |
Ikarus | Trojan-Banker.Win32.Delf |
MaxSecure | Trojan.Malware.121218.susgen |
Fortinet | W32/Banker.WGA!tr.spy |
AVG | Win32:Evo-gen [Trj] |
DeepInstinct | MALICIOUS |
CrowdStrike | win/malicious_confidence_100% (W) |
The Trojan.Generic.35619263 is considered dangerous by lots of security experts. When this infection is active,…
The Generic.Dacic.1A7FA519.A.F34D6DE8 is considered dangerous by lots of security experts. When this infection is active,…
The Babar.143901 is considered dangerous by lots of security experts. When this infection is active,…
The UDS:NetTool.Win64.FRP is considered dangerous by lots of security experts. When this infection is active,…
The Worm.Win32.Vobfus.ykp is considered dangerous by lots of security experts. When this infection is active,…
The Doina.66979 is considered dangerous by lots of security experts. When this infection is active,…