Malware

Zusy.381207 removal tips

Malware Removal

The Zusy.381207 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Zusy.381207 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Queries information on disks, possibly for anti-virtualization
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Zusy.381207?



File Info:

crc32: BD8CFA6E
md5: d46979430a9905cf5f33e0356ddfab5d
name: D46979430A9905CF5F33E0356DDFAB5D.mlw
sha1: d6badbe8885c59f6e65b8c6472d68a93d211f4f2
sha256: 09e22d3ad6dd4563bce2ffe9c86a3caee48556e9b9a15fcfc7e5b3ce3c6bae49
sha512: 36983bfea3abfff1f080bca9b148b954cf2cfeb1ead232a02fbe221b7976d9c47a20d4390c9b745355d9ee0db3fac78683d3b05a39279fa8a365181ac53d24e3
ssdeep: 24576:dpzxb5n2w3TYJh8xeFiY0WfRVH29pF/Pt:HXn2wcj8xe0uJt29pF/Pt
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: www.180it.com
InternalName: www.180it.com
FileVersion: 1.0.0.0
CompanyName: www.180it.com
LegalTrademarks: www.180it.com
Comments: www.180it.com
ProductName: www.180it.com
ProductVersion: 1.0.0.0
FileDescription: www.180it.com
OriginalFilename: www.180it.com
Translation: 0x0804 0x03a8

Zusy.381207 also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Zusy.381207
ALYacGen:Variant.Zusy.381207
CylanceUnsafe
SangforHacktool.Win32.Obfuscator.PECancer
CrowdStrikewin/malicious_confidence_70% (D)
BitDefenderGen:Variant.Zusy.381207
Cybereasonmalicious.30a990
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
AlibabaTrojan:Win32/Generic.b361837a
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
Ad-AwareGen:Variant.Zusy.381207
BitDefenderThetaGen:NN.ZexaF.34690.0C1@a0YDhyfb
VIPRETrojan-Dropper.Win32.Resdro.b (v) (not malicious)
McAfee-GW-EditionBehavesLike.Win32.Trojan.cc
FireEyeGeneric.mg.d46979430a9905cf
EmsisoftGen:Variant.Zusy.381207 (B)
Antiy-AVLTrojan/Generic.ASMalwS.2991480
MicrosoftRansom:Win32/Occamy.C
ArcabitTrojan.Zusy.D5D117
AegisLabTrojan.Win32.Malicious.4!c
GDataGen:Variant.Zusy.381207
AhnLab-V3Malware/Win32.Generic.C2891497
Acronissuspicious
McAfeeRDN/Generic.grp
MAXmalware (ai score=82)
MalwarebytesMalware.AI.4068417284
YandexTrojan.GenAsa!r5N1pL0WNb4
SentinelOneStatic AI – Malicious PE
FortinetW32/Filecoder.FV!tr.ransom
PandaTrj/CI.A

How to remove Zusy.381207?

Zusy.381207 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment