Zusy.332989 malicious file

The Zusy.332989 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.332989 virus can do?

Executable code extraction
Presents an Authenticode digital signature
Creates RWX memory
Unconventionial binary language: Russian
Unconventionial language used in binary resources: Russian
Network activity detected but not expressed in API logs
Attempts to interact with an Alternate Data Stream (ADS)
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Zusy.332989?


File Info:
crc32: 2F37C3DB
md5: 0bd3178b4d806ddf2e49eae12346d498
name: 0BD3178B4D806DDF2E49EAE12346D498.mlw
sha1: b7632541792ef1c76ad7768ebb9a4e64ab85cf53
sha256: ceed52557102317de4de0071384181a584c21cb5f525f6a6c213a636c3c95540
sha512: 8b4b7a99c6045bfdc2d105fdbf54f787a10f26d25a912b7a77ec637b23e593827b06eeeb1c34859e74512b98c48c4f628f5346c2a594ec043c3a787f9baee36f
ssdeep: 12288:TItwsUmheC/8fsX3RGIpwr8v5aiqHS7u9iftPjvj:TAMsX3R9yW5aiqHSKEtLj
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
ProductVersion: 2,37,5,2012
Translation: 0x0419 0x04b0

Zusy.332989 also known as:

Bkav	W32.AIDetectVM.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.332989
FireEye	Generic.mg.0bd3178b4d806ddf
CAT-QuickHeal	SoftwareBunlder.Ogimant.P8
ALYac	Gen:Variant.Zusy.332989
Cylance	Unsafe
VIPRE	LooksLike.Win32.Upatre.mj (v)
AegisLab	Riskware.Win32.LMN.1!c
Sangfor	Malware
K7AntiVirus	Trojan ( 004fe5ff1 )
BitDefender	Gen:Variant.Zusy.332989
K7GW	Trojan ( 004fe5ff1 )
Cybereason	malicious.b4d806
BitDefenderTheta	Gen:NN.ZexaF.34804.Xq1@aeoQYTkk
Cyren	W32/S-e0702f92!Eldorado
Symantec	Trojan.Shylock
ESET-NOD32	a variant of Win32/Kryptik.FKBP
Baidu	Win32.Trojan.Kryptik.yh
APEX	Malicious
Avast	Win32:Injector-CUR [Trj]
Kaspersky	not-a-virus:Downloader.Win32.LMN.aot
Alibaba	Downloader:Win32/Kryptik.aa9bf1a4
NANO-Antivirus	Trojan.Win32.LoadMoney.ekgkir
Tencent	Malware.Win32.Gencirc.10b3bbbe
Ad-Aware	Gen:Variant.Zusy.332989
Sophos	Troj/LdMon-AW
Comodo	Application.Win32.LoadMoney.DA@6pmmut
F-Secure	Heuristic.HEUR/AGEN.1120373
DrWeb	Trojan.LoadMoney.1932
Zillya	Trojan.StrictorCRTD.Win32.5237
TrendMicro	TROJ_GEN.R002C0OAF21
McAfee-GW-Edition	PUP-GSQ
Emsisoft	Application.Bundler (A)
Ikarus	PUA.Win32.Ogimant
Jiangmin	Downloader.LMN.ewj
MaxSecure	Trojan.Trojan.WIN32.Packed-LZ.d_177914
Avira	HEUR/AGEN.1120373
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Win32.TSGeneric
Microsoft	SoftwareBundler:Win32/Ogimant
Arcabit	Trojan.Zusy.D514BD
AhnLab-V3	PUP/Win32.LoadMoney.R191383
ZoneAlarm	not-a-virus:Downloader.Win32.LMN.aot
GData	Gen:Variant.Zusy.332989
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	PUP-GSQ
VBA32	Downloader.LMN
Malwarebytes	LoadMoney.Adware.BrowserHijack.DDS
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0OAF21
Rising	Malware.Ogimant!8.E948 (TFE:5:UTBTZe9PR2C)
Yandex	Trojan.GenAsa!t6lRVOq/oWw
SentinelOne	Static AI – Malicious PE – Installer
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Generic.AC.3A4316!tr
AVG	Win32:Injector-CUR [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	Win32/Virus.Downloader.3b2

How to remove Zusy.332989?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Zusy.332989 malicious file