Zusy.394875 (B) removal

Many security vendors classify Zusy.394875 (B) as dangerous. While this infection is active, you may notice unfamiliar processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.394875 (B) virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process created a hidden window
  • Unconventional language used in binary resources: Serbian
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Network activity detected but not expressed in API logs

How to identify Zusy.394875 (B)?

File Info:

crc32: A6AF4B95
md5: 796abd8556244dcf962bccaa1ec4e011
name: 796ABD8556244DCF962BCCAA1EC4E011.mlw
sha1: a99ce1f449476181dffa979b49024899ef580607
sha256: f47560806cc02ef4c609e43a06b3c7230f6f9c6117d9ec7819535f152070df3c
sha512: 13e6479c90e7cda2e38de9bcea8f5122e4345edf4d9fb1554937b0782c5db30648d943b7db08c1863a8c86e8faf6d6ebcd189c4786791534cd6a9ebefa905271
ssdeep: 3072:W//rQe2dBf2XHwgzS4RkSI0MDib7PBJ6sp70BPuxaWC8C:ODQe2dtWwZxDrQa3BPAn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: coygmuofoke.exi
ProductVersion: 11.35.97.19
Copyright: Copyrighz (C) 2020, wodkaguds
Translation: 0x0484 0x0119

Zusy.394875 (B) also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Cybereason: malicious.449476
Symantec: Packed.Generic.525
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
BitDefender: Gen:Variant.Zusy.394875
Ad-Aware: Gen:Variant.Zusy.394875
Sophos: ML/PE-A
McAfee-GW-Edition: BehavesLike.Win32.Expiro.dh
FireEye: Generic.mg.796abd8556244dcf
Emsisoft: Gen:Variant.Zusy.394875 (B)
SentinelOne: Static AI – Malicious PE
Microsoft: Trojan:Win32/Azorult.FW!MTB
Acronis: suspicious
MAX: malware (ai score=81)
Rising: Trojan.Kryptik!1.D82C (CLASSIC)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenKryptik.ERHN!tr
AVG: Win32:PWSX-gen [Trj]
Qihoo-360: HEUR/QVM10.1.C93B.Malware.Gen

How to remove Zusy.394875 (B)?

Zusy.394875 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.