
Zusy.403949 (B) malicious file


The Zusy.403949 (B) file is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.403949 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Zusy.403949 (B)?

File Info:

name: 742BF2960F0D92D831F0.mlw
path: /opt/CAPEv2/storage/binaries/61dce74b081dceee25501d45fce806e126c0abe885a25dff6014171fb9b3b4a2
crc32: 177C1B1C
md5: 742bf2960f0d92d831f0061c406413a1
sha1: 2e7b4bd0a08deeba15b094439a6f4972d7d332d5
sha256: 61dce74b081dceee25501d45fce806e126c0abe885a25dff6014171fb9b3b4a2
sha512: 38b3de94e0300c0a201a533da00af457f921ea59edfae4f5c7ed665767818f004545a7401a268f89fda1e5224f50db23e2fda93035b7bb649dd2561f4842e338
ssdeep: 98304:pYk117rMj7yL2lTubve1HLaoJ1ufPuJIYjRcxoqS5hmDNCjfZ5GC2:ZiJqzg2oJHGYjRcSqS5hQsjrGd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD36230166944832D7E277355F61E2305736BE582E34869AA3F87E0BB7BF1832D34792
sha3_384: 4b62501fc11a2f79246f0edc75b5fce909bcf1ca74732d3b6067a286d11217ffb3f9bb5c5ddd713435da4c6b882f1f28
ep_bytes: e884040000e988feffff3b0d68d64300
timestamp: 2020-06-25 10:38:24

Version Info:

0: [No Data]

Zusy.403949 (B) also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Boht.trXk
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Gen:Variant.Zusy.403949
ALYac: Gen:Variant.Zusy.403949
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
K7AntiVirus: Trojan ( 005850dc1 )
Alibaba: Worm:MSIL/Miner.25f0f7a6
K7GW: Trojan ( 005850dc1 )
Cybereason: malicious.60f0d9
Arcabit: Trojan.Zusy.D629ED
Cyren: W64/Coinminer.BN.gen!Eldorado
Symantec: Trojan.Gen.2
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/Kryptik.CLF
APEX: Malicious
ClamAV: Win.Packed.Zusy-9946460-0
Kaspersky: not-a-virus:RiskTool.Win32.BitCoinMiner.olrn
BitDefender: Gen:Variant.Zusy.403949
NANO-Antivirus: Trojan.Win32.Zapchast.ewfwfw
Avast: Win32:TrojanX-gen [Trj]
Tencent: Msil.Trojan.Kryptik.Aexv
Ad-Aware: Gen:Variant.Zusy.403949
Emsisoft: Gen:Variant.Zusy.403949 (B)
F-Secure: Heuristic.HEUR/AGEN.1222458
DrWeb: Trojan.DownLoader9.35545
McAfee-GW-Edition: BehavesLike.Win32.Generic.rc
FireEye: Generic.mg.742bf2960f0d92d8
Sophos: Mal/Generic-S (PUA)
Ikarus: Trojan.MSIL.Crypt
Avira: HEUR/AGEN.1242196
MAX: malware (ai score=83)
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Trojan.MSIL.Tpyn.chu
GData: Gen:Variant.Zusy.403949
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4692326
McAfee: GenericRXAA-FA!742BF2960F0D
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.4208224189
TrendMicro-HouseCall: TROJ_GEN.R002H0CDM22
Rising: HackTool.XMRMiner!1.C2EC (CLASSIC:sz7LlkK73MMygpUTSVDl6A)
SentinelOne: Static AI – Suspicious PE
Fortinet: MSIL/CoinMiner.BHP!tr
BitDefenderTheta: Gen:NN.ZexaF.34606.@BZ@aiLoaZoO
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Zusy.403949 (B)?

Zusy.403949 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Press “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
