Malware

How to remove “Zusy.322737”?

Malware Removal

The Zusy.322737 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Zusy.322737 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine Zusy.322737?



File Info:

name: 8426D6C03AA8080B76D5.mlw
path: /opt/CAPEv2/storage/binaries/2a8237619c5daf731fb0e8fd930048ad4f06190d5726ff976a37d79b0c0f0aac
crc32: 19F5997C
md5: 8426d6c03aa8080b76d5ff6f501b5c9b
sha1: 61325b6198ce4c2b84abce974393205d37b28d05
sha256: 2a8237619c5daf731fb0e8fd930048ad4f06190d5726ff976a37d79b0c0f0aac
sha512: cf6c47a55a0e0236192334fda595e10b04dc17a4c8891925b9785340dddf9f7b61d10982b2fb61fd63a69dd5a77f44e5708a4d49db260dbf7f5ccd013d4097c5
ssdeep: 49152:fhoPlPt30jdXb6zcRh3ucP7f4oLJ+4KPAyKRh/Ehoz60iR+:JIlPt3oXHhTDf4Ww4KKh/EhozpK+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D9E502935215201AD9A75B354537ACF136B72E3219024CBB67F87CCF3A36AC16A2BD13
sha3_384: d198128608713ce0306ebe7a649b40bfa297686113eeef0e17aa5c069078a7012022f5c7e480643540f96009f3008cc0
ep_bytes: 558bec6aff68c838640068002c640064
timestamp: 2020-10-21 08:04:16


Version Info:

CompanyName: Maxximate Technologies Inc.
FileDescription: X-Amp Application
FileVersion: 1.2.4.189
InternalName: X-Amp
LegalCopyright: Maxximate Technologies Inc.
LegalTrademarks: Maxximate Technologies Inc.
OriginalFilename: X-AMP.EXE
ProductName: X-Amp
ProductVersion: 1.24
Translation: 0x0409 0x04e4

Zusy.322737 also known as:

BkavW32.AIDetect.malware1
LionicTrojan.Win32.Ekstak.4!c
tehtrisGeneric.Malware
MicroWorld-eScanGen:Variant.Zusy.322737
FireEyeGeneric.mg.8426d6c03aa8080b
ALYacGen:Variant.Zusy.322737
CylanceUnsafe
VIPREGen:Variant.Zusy.322737
Sangfor[ARMADILLO V1.71]
K7AntiVirusTrojan ( 0058214e1 )
AlibabaTrojan:Win32/Ekstak.52471e65
K7GWTrojan ( 0058214e1 )
CrowdStrikewin/malicious_confidence_100% (W)
CyrenW32/Kryptik.BXV.gen!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/Kryptik.HAYM
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Packed.Adrozek-9811562-0
KasperskyHEUR:Trojan.Win32.Ekstak.gen
BitDefenderGen:Variant.Zusy.322737
NANO-AntivirusTrojan.Win32.Ekstak.iaqxwd
AvastWin32:AdwareX-gen [Adw]
TencentWin32.Trojan.Ekstak.Dxwg
Ad-AwareGen:Variant.Zusy.322737
EmsisoftGen:Variant.Zusy.322737 (B)
DrWebTrojan.Zadved.1655
ZillyaTrojan.Kryptik.Win32.2595295
TrendMicroTROJ_GEN.R007C0PFR22
McAfee-GW-EditionBehavesLike.Win32.Generic.wc
Trapminemalicious.moderate.ml.score
SophosMal/Generic-R + Troj/Agent-BEQV
IkarusTrojan.Win32.Crypt
GDataGen:Variant.Zusy.322737
JiangminTrojan.Ekstak.bmcc
AviraHEUR/AGEN.1244176
MAXmalware (ai score=86)
ArcabitTrojan.Zusy.D4ECB1
MicrosoftBrowserModifier:Win32/Adrozek
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.Wacatac.R353738
Acronissuspicious
McAfeeGenericRXMK-GO!8426D6C03AA8
VBA32BScope.Trojan.Ekstak
MalwarebytesAdware.DownloadAssistant
TrendMicro-HouseCallTROJ_GEN.R007C0PFR22
RisingTrojan.Kryptik!1.AA23 (CLASSIC)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.73555928.susgen
FortinetW32/Kryptik.HASW!tr
BitDefenderThetaGen:NN.ZexaF.34742.cB0@aKmOsNii
AVGWin32:AdwareX-gen [Adw]
Cybereasonmalicious.03aa80
PandaTrj/GdSda.A

How to remove Zusy.322737?

Zusy.322737 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment