Zusy.393635 information

Many security experts consider Zusy.393635 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.393635 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (3 unique times)
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Looks up the external IP address
  • Anomalous binary characteristics

Related domains:

api.ipify.org
158.102.105.176.zen.spamhaus.org
158.102.105.176.cbl.abuseat.org
158.102.105.176.b.barracudacentral.org
158.102.105.176.dnsbl-1.uceprotect.net
158.102.105.176.spam.dnsbl.sorbs.net

How to identify Zusy.393635?

File Info:

crc32: AC954D9A
md5: 346446b4a209814f7542e706a561ad89
name: 346446B4A209814F7542E706A561AD89.mlw
sha1: 3e77832af77b84ded9c08212fc2bd9d7022f6c9c
sha256: 4f62613ea4bd6d30bc3a4ba8dd3e3b386419d1895253f880a7861fe43d90ebe7
sha512: b2823b7d0a226e71339c51715dd57a42690310e58e7e1f1f8f66d0b443e776739c7bf65dfdfa686d6322eec57b33c7cd1eaaf3c960712432d5162a8427253eef
ssdeep: 12288:d/muw2ZHeJOQQ3cv8ZefEPWkf8Jg3hWyPvLmrd2:d/O2Z+QM0Ze7kf8Gqr4
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: TODO: (c) . All rights reserved.
InternalName: SoundStudio.exe
FileVersion: 1.0.0.1
CompanyName: TODO:
ProductName: TODO:
ProductVersion: 1.0.0.1
FileDescription: TODO:
OriginalFilename: SoundStudio.exe
Translation: 0x0409 0x04e4

Zusy.393635 also known as:

ALYac: Trojan.Trickster.Gen
CrowdStrike: win/malicious_confidence_80% (W)
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FHOV
APEX: Malicious
Avast: Win32:BankerX-gen [Trj]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Trickpak.gen
BitDefender: Gen:Variant.Zusy.393635
MicroWorld-eScan: Gen:Variant.Zusy.393635
Ad-Aware: Gen:Variant.Zusy.393635
VIPRE: Win32.Malware!Drop
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.346446b4a209814f
Emsisoft: Gen:Variant.Zusy.393635 (B)
SentinelOne: Static AI – Suspicious PE
Avira: TR/Kryptik.wmsud
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/TrickBotCrypt.PR!MTB
GData: Gen:Variant.Zusy.393635
AhnLab-V3: Trojan/Win.Generic.C4553941
McAfee: RDN/TrickBot
MAX: malware (ai score=87)
Malwarebytes: Trojan.TrickBot
Panda: Trj/GdSda.A
Ikarus: Win32.Outbreak
Fortinet: W32/GenKryptik.FHOV!tr
AVG: Win32:BankerX-gen [Trj]

How to remove Zusy.393635?

Zusy.393635 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
