Zusy.361104 (B) information

The Zusy.361104 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.361104 (B) virus can do?

Dynamic (imported) function loading detected
Unconventionial language used in binary resources: Korean
Authenticode signature is invalid

How to determine Zusy.361104 (B)?


File Info:
name: 3BC076E96DBE7961C1EB.mlw
path: /opt/CAPEv2/storage/binaries/b8ba8487f2afb662811bb0a048ec65feaefc62f33233b7afe509bbed333e9f19
crc32: AEB62595
md5: 3bc076e96dbe7961c1eb4a15b31f0f03
sha1: 93e1a68134e0ce3e128852a4312de3eba7f58754
sha256: b8ba8487f2afb662811bb0a048ec65feaefc62f33233b7afe509bbed333e9f19
sha512: a66f7fcc970166cf43e67dc3410760bb747aa6a1c993ab7539272d9537cd4b67860103fef7c989848f521a75c9daabcc904076138b99b6f5ad7171ec97e8ac20
ssdeep: 1536:jDkq5M6S6RxTWGpFI2IygbwCZRCVDrM3NcIDTo:jDlu6S6RAGfwyolCVDrM3NcI/o
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EDC38C05A493823BF4605A7482DD67C24BBDBC1337A272CFE74006CDC45A7E8A9757BA
sha3_384: 803193678da93eb5a18224df0dbf0b6c999d198a71727e73bab9a3cd11749e44a2de4bf9ec55b1ab1900b5027923d156
ep_bytes: 6a6068001e0001e874180000bf940000
timestamp: 2009-12-04 13:35:59

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Internet Connection Wizard
FileVersion: 6.00.2900.5512 (xpsp.080413-2105)
InternalName: ICWCONN2
LegalCopyright: (C)Microsoft Corporation. All rights reserved.
OriginalFilename: ICWCONN2.EXE
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 6.00.2900.5512
Translation: 0x0412 0x04b0

Zusy.361104 (B) also known as:

Bkav	W32.AIDetect.malware1
MicroWorld-eScan	Gen:Variant.Zusy.361104
FireEye	Generic.mg.3bc076e96dbe7961
McAfee	Artemis!3BC076E96DBE
Cylance	Unsafe
Cybereason	malicious.96dbe7
Cyren	W32/Virut.D.gen!Eldorado
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Zusy.361104
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Avast	Win32:Patched-AFY [Trj]
Tencent	Win32.Trojan.Generic.Lnoi
Ad-Aware	Gen:Variant.Zusy.361104
Emsisoft	Gen:Variant.Zusy.361104 (B)
McAfee-GW-Edition	BehavesLike.Win32.Virut.cm
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
Avira	TR/Patched.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.Zusy.361104
Cynet	Malicious (score: 100)
Acronis	suspicious
MAX	malware (ai score=82)
Malwarebytes	Malware.AI.2655093738
Rising	Malware.Heuristic!ET#96% (RDMK:cmRtazqPiNxvmGnlqdMhphBJ6xoW)
Yandex	Trojan.Agent!fjW/kcEM9T0
Ikarus	Trojan.Win32.Menti
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:Patched-AFY [Trj]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Zusy.361104 (B)?

Zusy.361104 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X