
Zusy.355052 removal tips


Zusy.355052 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.355052 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Anomalous binary characteristics

How to identify Zusy.355052?

File Info:

name: 4919422A42C5C2AB0568.mlw
path: /opt/CAPEv2/storage/binaries/27255dff66813d629bddd2848dd5efef44e4957ce751ae5e823afe6f01b697fb
crc32: 3BC76635
md5: 4919422a42c5c2ab05688b5a24fd40fa
sha1: d9d1db9857be7d3e229abce220867412620b78ec
sha256: 27255dff66813d629bddd2848dd5efef44e4957ce751ae5e823afe6f01b697fb
sha512: c3d1402f2464e0fe5961aa74e823a149d1a20b1102dfd33423ce63ee8b1df329208b6e1f2572a268b6d924a2b98e794c0b5a927f338b7aff093e2310a1259d8c
ssdeep: 49152:GC2lJmXbj5DIwbQea1LPEyK7r385JD3d6cIWhAIOMW5e:GzlkbFDVrQMyOr3S3d6cLhAIOJE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18DA52202F293C072D4A501B104658BBA4F7A7C319775D0F7AFD43A6A9D703E29A3778A
sha3_384: f8a71d98a7c3f664ec22f6501558e000baacb9afa10c15b30b3b694907789437910161cba163ec01ddb02be8c7bd5e67
ep_bytes: e8a61d0000e989feffff8bff565733f6
timestamp: 2015-02-09 21:57:00

Version Info:

Comments: Created with Setup Factory
FileDescription: Setup Application
FileVersion: 9.5.0.0
InternalName: suf_launch
LegalCopyright: Setup Engine Copyright © 2004-2015 Indigo Rose Corporation
LegalTrademarks: Setup Factory is a trademark of Indigo Rose Corporation.
OriginalFilename: suf_launch.exe
ProductName: Setup Factory Runtime
ProductVersion: 9.5.0.0
Translation: 0x0409 0x04e4

Zusy.355052 also known as:

MicroWorld-eScan: Gen:Variant.Zusy.355052
FireEye: Gen:Variant.Zusy.355052
Cybereason: malicious.a42c5c
Elastic: malicious (moderate confidence)
APEX: Malicious
BitDefender: Gen:Variant.Zusy.355052
Ad-Aware: Gen:Variant.Zusy.355052
Sophos: Generic ML PUA (PUA)
DrWeb: Win32.HLLW.Autoruner.25074
VIPRE: Gen:Variant.Zusy.355052
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Zusy.355052 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Zusy.355052
Google: Detected
Arcabit: Trojan.Zusy.D56AEC
Microsoft: Program:Win32/Wacapew.C!ml
BitDefenderTheta: Gen:NN.ZexaF.34606.tq0@aGokS1j
ALYac: Gen:Variant.Zusy.355052
MAX: malware (ai score=84)
Ikarus: Trojan.MSIL.Bladabindi

How to remove Zusy.355052?

Zusy.355052 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
