
Zusy.376265 malicious file

Zusy.376265 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Zusy.376265 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify Zusy.376265?

File Info:

  • name: 671AEBE909A7BD8FC6CF.mlw
  • path: /opt/CAPEv2/storage/binaries/2af731a3ad67761c127174cde5fc8b8f0c025caa54a436aaa17467c7b510442e
  • crc32: 5E695B2C
  • md5: 671aebe909a7bd8fc6cf9276849cb409
  • sha1: 1cf2ff63187daca27a190c03807fff9334e0f3be
  • sha256: 2af731a3ad67761c127174cde5fc8b8f0c025caa54a436aaa17467c7b510442e
  • sha512: 13ea719723473e537436504174ecc2260a220b1a08326c66b1381908980a81f1574a1cca7305a684fba881c996b880563c86d04bd726d94870dd24443a21808e
  • ssdeep: 49152:ceDSeTL4PDLAnO3MY2P/ys8LKs4Lz+3bYH3VnJyMHc+vEkwh5Cg5gRmep89:D/TLoAOcH/ynm+3kXVnJVc2whggmRB89
  • type: PE32 executable (GUI) Intel 80386, for MS Windows
  • tlsh: T1B9466C237420D454D8400B3FE692463864A71658E8FAD443FB4CBE67BB396136A6FB1F
  • sha3_384: 8bea42e1cf28f075a67abf5248d2f4ad7aa6f166ab2fe42e33ffc123a2cbe039a6af0325de0a2b8a1ff059504b9d4b1b
  • ep_bytes: 558bec6aff68104f770068ecfc690064
  • timestamp: 2018-12-26 10:21:22

Version Info:

  • Comments: 本程序由papercut开发,任何人不得用于木马,病毒,后门等用途!由此造成一切后果,本人不负任何及连带责任!
  • CompanyName: 乐赏GSCQ|GBT小组出品
  • FileDescription: 百战天虫WMD——————集成Brimstone升级档中英文完整硬盘版
  • FileVersion: 集成Brimstone升级档
  • InternalName: Setup.exe
  • LegalCopyright: 版权所有 乐赏 1998-2022
  • LegalTrademarks: China.tianchao
  • OriginalFilename: Setup.exe
  • PrivateBuild: ‘ WORLD ORDER
  • ProductName: 百战天虫WMD——————集成Brimstone升级档中英文完整硬盘版
  • ProductVersion: 集成Brimstone升级档
  • SpecialBuild: 集成Brimstone升级档
  • Translation: 0x0804 0x04b0

Zusy.376265 also known as:

Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Zusy.376265
FireEye Generic.mg.671aebe909a7bd8f
McAfee Artemis!671AEBE909A7
Cylance Unsafe
Zillya Trojan.Convagent.Win32.250
Sangfor Trojan.Win32.Bsymem.gen
K7AntiVirus Trojan ( 005246d51 )
Alibaba Trojan:Win32/BlackMoon.24ad0b34
K7GW Trojan ( 005246d51 )
CrowdStrike win/malicious_confidence_100% (W)
Cyren W32/Trojan.CLL.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX Malicious
Paloalto generic.ml
ClamAV Win.Malware.Zusy-9865501-0
Kaspersky HEUR:Trojan.Win32.Bsymem.gen
BitDefender Gen:Variant.Zusy.376265
Avast Win32:Malware-gen
Sophos Mal/Generic-S
Comodo Worm.Win32.Dropper.RA@1qraug
TrendMicro TROJ_GEN.R002C0DAU22
McAfee-GW-Edition BehavesLike.Win32.Virus.tc
Emsisoft Gen:Variant.Zusy.376265 (B)
SentinelOne Static AI – Malicious PE
Jiangmin Trojan.Bsymem.agm
Antiy-AVL Trojan/Generic.ASCommon.FA
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft VirTool:Win32/AutoRun!atmn
GData Gen:Variant.Zusy.376265
Cynet Malicious (score: 100)
BitDefenderTheta Gen:NN.ZexaF.34182.@t3@aWslPVob
ALYac Gen:Variant.Zusy.376265
MAX malware (ai score=83)
VBA32 BScope.Trojan.Tiggre
Malwarebytes Trojan.MalPack.FlyStudio
TrendMicro-HouseCall TROJ_GEN.R002C0DAU22
Rising Trojan.Kryptik!1.B3E8 (CLOUD)
Yandex Trojan.GenAsa!OhxoQ9Aj8SA
Ikarus Trojan-Downloader
Fortinet W32/CoinMiner.65CA!tr
AVG Win32:Malware-gen
Cybereason malicious.909a7b
Panda Trj/CI.A

How to remove Zusy.376265?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
