What is “Zusy.354958”?

Malware Removal

Zusy.354958 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.354958 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to remove evidence of file being downloaded from the Internet
  • Network activity detected but not expressed in API logs
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

How to identify Zusy.354958?

File Info:

crc32: 32ABE425
md5: 27f5cc71c86c95a68eef13da11aa18aa
name: 27F5CC71C86C95A68EEF13DA11AA18AA.mlw
sha1: 99f24b4269e023c05eeaed3ef93c2304eabbbab0
sha256: f678e23054e633c385190b27e0080bbfcb20f8f480283eac88b027e7f7944a1e
sha512: c16f18a8f5cf7433912cff9c5313303260d6605cdedb0f9f1ca7bdf38d44e1a9750149d562548bf31166e3b8bae4dca637393ad1471c694e21dab102d61aa773
ssdeep: 24576:RGRzatThRiVNbLGJv6plFh9iGa2oMYMgdsHGeny:88TjFJspDLoVMgdkLy
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Zusy.354958 also known as:

  • Bkav: W32.AIDetectVM.malware2
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Zusy.354958
  • CAT-QuickHeal: TrojanToga.MUE.R9
  • ALYac: Gen:Variant.Zusy.354958
  • Cylance: Unsafe
  • VIPRE: Trojan.Win32.Generic!BT
  • Sangfor: Malware
  • CrowdStrike: win/malicious_confidence_100% (W)
  • BitDefender: Gen:Variant.Zusy.354958
  • K7GW: Trojan ( 004abd861 )
  • K7AntiVirus: Trojan ( 004abd861 )
  • Baidu: Win32.Trojan-Dropper.Injector.f
  • Cyren: W32/S-24f4c04b!Eldorado
  • Symantec: W32.Faedevour!inf
  • APEX: Malicious
  • Avast: Win32:Ghost-B
  • ClamAV: Win.Malware.Bzub-6727003-0
  • Kaspersky: Backdoor.Win32.Androm.qxe
  • Alibaba: TrojanDropper:Win32/dropper.ali1003001
  • NANO-Antivirus: Trojan.Win32.Androm.ctymsi
  • ViRobot: Win32.Daws.B
  • Rising: Dropper.Agent!1.AF79 (CLASSIC)
  • Ad-Aware: Gen:Variant.Zusy.354958
  • Emsisoft: Gen:Variant.Zusy.354958 (B)
  • Comodo: TrojWare.Win32.Toga.PYF@7g9q1h
  • F-Secure: Trojan.TR/Agent.18113
  • DrWeb: Trojan.Inject2.58694
  • Zillya: Backdoor.Androm.Win32.6167
  • TrendMicro: TROJ_SYSN_GE2300B9.UVPA
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
  • FireEye: Generic.mg.27f5cc71c86c95a6
  • Sophos: Mal/Generic-S
  • Ikarus: Backdoor.Win32.Androm
  • Jiangmin: TrojanDropper.Daws.byh
  • Avira: TR/Agent.18113
  • eGambit: Unsafe.AI_Score_99%
  • Antiy-AVL: Trojan[Backdoor]/Win32.Androm.qxe
  • Microsoft: Trojan:Win32/Ymacco.AAF6
  • Arcabit: Trojan.Zusy.D56A8E
  • ZoneAlarm: Backdoor.Win32.Androm.qxe
  • GData: Gen:Variant.Zusy.354958
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Trojan/Win32.Androm.C933366
  • Acronis: suspicious
  • McAfee: PWSZbot-FIB!27F5CC71C86C
  • MAX: malware (ai score=88)
  • VBA32: Backdoor.Androm
  • Malwarebytes: Generic.Trojan.Injector.DDS
  • Panda: Trj/Genetic.gen
  • ESET-NOD32: a variant of Win32/TrojanDropper.Agent.PYF
  • TrendMicro-HouseCall: TROJ_SYSN_GE2300B9.UVPA
  • Tencent: Backdoor.Win32.Androm.qxe
  • Yandex: Trojan.GenAsa!zFH4sqyAwHU
  • SentinelOne: Static AI – Malicious PE – Downloader
  • MaxSecure: Trojan.Malware.121218.susgen
  • Fortinet: W32/Injector.AQV!tr
  • BitDefenderTheta: Gen:NN.ZexaF.34804.!mZ@a0uO1wh
  • AVG: Win32:Ghost-B
  • Cybereason: malicious.1c86c9
  • Paloalto: generic.ml
  • Qihoo-360: Win32/Virus.DayeWang.A

How to remove Zusy.354958?

Zusy.354958 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.