
Zusy.382059 removal tips


Zusy.382059 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.382059 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • HTTPS URLs from behavior.
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Zusy.382059?

File Info:

name: 390D000234E7CA211149.mlw
path: /opt/CAPEv2/storage/binaries/4607d03f7d5fd462f6685638cea14dff0160134df8b93bfb96b91f1a36ff231b
crc32: BDF799E4
md5: 390d000234e7ca211149200bc88b6b3d
sha1: 6cf7c46fa81fe538aa1438092b0696c5d4ef90ce
sha256: 4607d03f7d5fd462f6685638cea14dff0160134df8b93bfb96b91f1a36ff231b
sha512: 487739f74c426b0118d3fc1d3bddc9175a59b514c64655f101e8c36483db045661e3806a32269300cd576e8e4470941bb5bf86d0368ab3c90fe6fa70d467e75c
ssdeep: 3072:l5WhI5mMawzUuIYmpdNTi+i5R9UwP30tidb5cVZ3:lUhXuTa6nzP3Xd1a
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18F44AE30B291C837C97B05715DEE9FB9A179BE302B81344BB3D87F0C0DB55A29626927
sha3_384: fad0a4c950b92ebaed0651e7282cbce9a2db4953cbbd06e009b525bf7edf79063d529952bb045c902d52522fc2ab7a7b
ep_bytes: 558bec6aff6800884200684046410064
timestamp: 2020-02-27 02:28:19

Version Info:

Comments:
CompanyName:
FileDescription:
FileVersion: 1, 0, 0, 1
InternalName: newgodrg
LegalCopyright: Copyright (C) 2017
LegalTrademarks:
OriginalFilename: newgodrg.EXE
PrivateBuild:
ProductName:
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0412 0x04b0

Zusy.382059 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Vimditator.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader33.1978
MicroWorld-eScan: Gen:Variant.Zusy.382059
FireEye: Generic.mg.390d000234e7ca21
ALYac: Gen:Variant.Zusy.382059
Cylance: Unsafe
Zillya: Adware.Kraddare.Win32.8818
Sangfor: Trojan.Win32.Vimditator.ahbv
K7AntiVirus: Adware ( 005110d11 )
Alibaba: Trojan:Win32/Vimditator.4a51e5ab
K7GW: Adware ( 005110d11 )
Cybereason: malicious.234e7c
BitDefenderTheta: Gen:NN.ZexaF.34232.qq0@aKeO59gG
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Adware.Kraddare.MS
TrendMicro-HouseCall: TROJ_GEN.R002C0PBH22
Avast: Win32:Adware-gen [Adw]
Kaspersky: Trojan.Win32.Vimditator.ahbv
BitDefender: Gen:Variant.Zusy.382059
NANO-Antivirus: Trojan.Win32.Kraddare.hbavnp
Tencent: Win32.Trojan.Vimditator.Ligz
Ad-Aware: Gen:Variant.Zusy.382059
Emsisoft: Gen:Variant.Zusy.382059 (B)
Comodo: ApplicUnwnt@#15bcq0py5sq1p
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PBH22
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dm
Sophos: Mal/Generic-S (PUA)
Paloalto: generic.ml
Jiangmin: Trojan.Vimditator.ie
Avira: ADWARE/Adware.Gen7
Antiy-AVL: Trojan/Generic.ASMalwS.2FEE2B1
Gridinsoft: Ransom.Win32.Occamy.sa
Microsoft: Trojan:Win32/Occamy.C46
ViRobot: Trojan.Win32.Z.Kraddare.274432.A
ZoneAlarm: Trojan.Win32.Vimditator.ahbv
GData: Gen:Variant.Zusy.382059
Cynet: Malicious (score: 99)
AhnLab-V3: PUP/Win32.RL_Kraddare.R325905
McAfee: GenericRXJR-UD!390D000234E7
MAX: malware (ai score=86)
VBA32: BScope.Trojan.Adkor
Malwarebytes: Adware.KorAd
APEX: Malicious
Rising: Trojan.Vimditator!8.1DAF (CLOUD)
Yandex: Trojan.GenAsa!9KsqaMAUNrg
Fortinet: Riskware/Vimditator
AVG: Win32:Adware-gen [Adw]
Panda: Trj/CI.A

How to remove Zusy.382059?

Zusy.382059 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
