About “Zusy.335560” infection

Malware Removal

Zusy.335560 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.335560 virus do?

  • At least one process apparently crashed during execution
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • CAPE detected the PoisonIvy malware family
  • Anomalous binary characteristics

How to identify Zusy.335560?

File Info:

name: AAB798BECAAADF97B5FB.mlw
path: /opt/CAPEv2/storage/binaries/e6188519bce60f5b61881d39d0104c1bc2b51b2668788c26ea517e0157b2abfc
crc32: 531F70AC
md5: aab798becaaadf97b5fbcfd6662631d1
sha1: dff8dce0eec2ca591a6bd187f9269d3d41858ae9
sha256: e6188519bce60f5b61881d39d0104c1bc2b51b2668788c26ea517e0157b2abfc
sha512: 2b7f54297ef17313bbcfe632d0358642bb7d8f3bf563337583653cf27b7c1da2838d656ca0ac30be97e9dda2c3c9f339ef5e0e9cbba9eb84ec9e629f4f76a570
ssdeep: 6144:0Hz7bXyuw3Ldy9j0ZkQHENi9h0S/76EjsWABqnZD5:wnCu8Lg9KkWYiDP/Gss9m
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D944F117FBE08477D8A11A3CBC5A56694DB836317C61645AB3D86E4CDAFE0866C8C3C3
sha3_384: 4ebcd9d2ffa711429a7850f1f5a4db776159f498e08f79154836e0e0f0e71fa9ced90e71229a3e04c473d6e0ea8160a2
ep_bytes: 558becb9040000006a006a004975f951
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Zusy.335560 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.335560
FireEye: Generic.mg.aab798becaaadf97
McAfee: GenericRXHI-HX!AAB798BECAAA
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.35615
Sangfor: Trojan.Win32.Generic.ky
K7AntiVirus: Riskware ( 0015e4f01 )
Alibaba: VirTool:Win32/DelfInject.6662f348
K7GW: Riskware ( 0015e4f01 )
Cybereason: malicious.ecaaad
Cyren: W32/Delf.Q.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.EJO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.335560
NANO-Antivirus: Trojan.Win32.MLW.duyrd
Avast: Win32:Inject-OU [Trj]
Tencent: Win32.Trojan.Generic.Lplf
Ad-Aware: Gen:Variant.Zusy.335560
Emsisoft: Gen:Variant.Zusy.335560 (B)
Comodo: Malware@#12601fzxlyvud
DrWeb: BackDoor.Poison.685
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0DKR21
McAfee-GW-Edition: GenericRXHI-HX!AAB798BECAAA
Sophos: ML/PE-A
Ikarus: Trojan.Injector
GData: Gen:Variant.Zusy.335560
Jiangmin: Trojan/Generic.gomo
Avira: DR/Delphi.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.2AA1616
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: VirTool:Win32/DelfInject.gen!AH
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Xema.C46571
Acronis: suspicious
BitDefenderTheta: AI:Packer.465F92BC1E
ALYac: Gen:Variant.Zusy.335560
MAX: malware (ai score=100)
VBA32: BScope.Backdoor.Poison
TrendMicro-HouseCall: TROJ_GEN.R002C0DKR21
Rising: Trojan.Generic@ML.96 (RDML:pQLZ/C6UmLypxDUFRv+vaA)
Yandex: Trojan.Injector!2kiQ631km8s
SentinelOne: Static AI - Malicious PE
eGambit: Generic.Dropper
Fortinet: W32/Injector.fam!tr
AVG: Win32:Inject-OU [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.2588.susgen

How to remove Zusy.335560?

Zusy.335560 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.