Zusy.398185 removal guide

Zusy.398185 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware
Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.398185 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Enumerates running processes
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Zusy.398185?

File Info:

name: 13F8B79718F16B3BE87D.mlw
path: /opt/CAPEv2/storage/binaries/05b9fa27826d4f23d8b3dd04df0d8a5fbcc97582256ac83f1ef3e2b8fba68743
crc32: 24271F8B
md5: 13f8b79718f16b3be87d6bd609f8de6d
sha1: cbf2dd5ed14e09b8e434bc73d1a9c7411b240339
sha256: 05b9fa27826d4f23d8b3dd04df0d8a5fbcc97582256ac83f1ef3e2b8fba68743
sha512: 3f054fe49fef0aeedea2ed089b4bf702b81df4297875023805576e8ce7ee7e3b978e79201603108e4d65332850d6a8dc3368612df6ae3c5a20747c072af615b2
ssdeep: 49152:bzzQTsuiiC7d2bG7dvQZLHtNb1Y2FzMK3+uA4vT4VXOWGi5+kw:PpurLbG7dOLNNb1KS4VXNBc
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E2B59E213712C172DA5193B05E399BBFC12DA5280B794DDBE3C02FB9B9315D22B3295B
sha3_384: 89b48fa36ec553010450e007638542e87c4cf81dd3dc97db75f51c716792486c4939de44fb33a0900f4283e99e2b7c1a
ep_bytes: b8ff0000008b1da8bf2020f7c3000100
timestamp: 2021-11-25 19:02:49

Version Info:

0: [No Data]

Zusy.398185 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Zusy.4!c
MicroWorld-eScan: Gen:Variant.Zusy.398185
FireEye: Gen:Variant.Zusy.398185
McAfee: Artemis!13F8B79718F1
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (W)
Cyren: W32/Zusy.IK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002H09KR21
BitDefender: Gen:Variant.Zusy.398185
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Zusy.398185
Emsisoft: Gen:Variant.Zusy.398185 (B)
Jiangmin: Trojan.Fragtor.b
eGambit: Unsafe.AI_Score_81%
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Zusy.398185
ALYac: Gen:Variant.Zusy.398185
APEX: Malicious
MAX: malware (ai score=85)
Fortinet: W32/PossibleThreat
AVG: Win32:TrojanX-gen [Trj]

How to remove Zusy.398185?

Zusy.398185 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.