Categories: Malware

How to remove “Zusy.308797 (B)”?

The Zusy.308797 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.308797 (B) virus can do?

Reads data out of its own binary image
Unconventionial binary language: Portuguese (Brazil)
Unconventionial language used in binary resources: Portuguese (Brazilian)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Zusy.308797 (B)?


File Info:
name: 507E07D0EB81F99795DD.mlwpath: /opt/CAPEv2/storage/binaries/9e55c05ea7bfac5fdb3ef4ac0592c703218e5ac12bce8d2097746e75e506a962crc32: D0D92028md5: 507e07d0eb81f99795dd31504e339ae7sha1: c887ee1bc790411e7c22ceed05d1b1333e68c308sha256: 9e55c05ea7bfac5fdb3ef4ac0592c703218e5ac12bce8d2097746e75e506a962sha512: 3c2953c6094de34064fa4eab67912290c40c4d8f1a4577020e34dcc8d3d8a7ef2469cc90993446a260eaf907257c69ad551ef9de90d7cec42a47690e7dcafa6essdeep: 12288:i2ToLD2QfWUEknSsmjj/UVF4TDS4rx7hkTjMVJK1P5aEL3KuyhxoeVsc:ikuPfWsnnw/UV+DS4rxNEMVcRaw2v1type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T117255B3AAF8A9136D96234BC4C5FC1D4941D3D312C585B87FF81AF4C7E76652232AA83sha3_384: a096ed8b6966c75dd8d2840fb120da5081f87bec5ad6d1c2902d9e620c7cfc84d496baa551fe1308d65b27ae370c0a0fep_bytes: 558bec83c4f05356b81c991100e83ad3timestamp: 1992-06-19 22:22:17
Version Info:
CompanyName: Work ConnectionFileDescription: Net Driver ConnectionFileVersion: 1.0.0.61InternalName: LegalCopyright: LegalTrademarks: Work ConnectionOriginalFilename: ProductName: ProductVersion: 1.0.0.0Translation: 0x0416 0x04e4

Zusy.308797 (B) also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.308797
FireEye	Generic.mg.507e07d0eb81f997
CAT-QuickHeal	Trojan.Dorv
McAfee	PWS-Banker.gen.ez
Malwarebytes	Generic.Trojan.Delf.DDS
VIPRE	Gen:Variant.Zusy.308797
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Spyware ( 004bfe9d1 )
Alibaba	Malware:Win32/km_2e2d0e2.None
K7GW	Spyware ( 004bfe9d1 )
Cybereason	malicious.0eb81f
BitDefenderTheta	Gen:NN.ZelphiF.36196.8G0@auv89coG
VirIT	Trojan.Win32.Banker6.CIJ
Cyren	W32/Banker.V.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Spy.Banker.WGA
APEX	Malicious
ClamAV	Win.Trojan.Netmail-9844910-0
Kaspersky	Backdoor.Win32.NetMail.a
BitDefender	Gen:Variant.Zusy.308797
NANO-Antivirus	Trojan.Win32.NetMail.cndhca
Avast	Win32:Evo-gen [Trj]
Tencent	Backdoor.Win32.NetMail.ha
TACHYON	Trojan/W32.DP-Agent.988160
Emsisoft	Gen:Variant.Zusy.308797 (B)
F-Secure	Trojan.TR/Zusy.9881605548
DrWeb	Trojan.DownLoader4.61273
Zillya	Trojan.Banker.Win32.53195
TrendMicro	Backdoor.Win32.NETMAIL.SMTH
McAfee-GW-Edition	BehavesLike.Win32.PWSBanker.dh
Sophos	Troj/Agent-BCNT
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan-Stealer.Banker.AK
Jiangmin	Backdoor/NetMail.a
Google	Detected
Avira	TR/Zusy.9881605548
Antiy-AVL	Trojan[Backdoor]/Win32.NetMail
Xcitium	TrojWare.Win32.Spy.Banker.VIS@8ekceg
Arcabit	Trojan.Zusy.D4B63D
ZoneAlarm	Backdoor.Win32.NetMail.a
Microsoft	Trojan:Win32/Dorv.B!rfn
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Agent.C64982
VBA32	Backdoor.NetMail
ALYac	Gen:Variant.Zusy.308797
MAX	malware (ai score=84)
Cylance	unsafe
Panda	Trj/Dtcontx.I
Zoner	Trojan.Win32.88740
TrendMicro-HouseCall	Backdoor.Win32.NETMAIL.SMTH
Rising	Ransom.Blocker!8.12A (KTSE)
Yandex	Backdoor.NetMail!pG6fLhj3QoI
Ikarus	Trojan-Banker.Win32.Delf
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Banker.WGA!tr.spy
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)