Zusy.406256 information

Many security experts consider Zusy.406256 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.406256 virus do?

  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Zusy.406256?


File Info:

name: DD75857B533D13A28310.mlw
path: /opt/CAPEv2/storage/binaries/a1c9d5c10fc59e2506ec82e3a322314c44c614bf9b561b3616d0e46d18455cb7
crc32: D5ED8A67
md5: dd75857b533d13a2831077223cf7e216
sha1: 80e57e6da1c534f1448602e1fb735b45d3f8f450
sha256: a1c9d5c10fc59e2506ec82e3a322314c44c614bf9b561b3616d0e46d18455cb7
sha512: f6ac405040c1f8ef079a14a6967c58ed225e958595283bbbce870414991ea6040109a2491bd6386ac013a2de624b11dd81dc613b9295a3a5c9d061c00e2d21a5
ssdeep: 12288:LADptCqTyAD/panXgQ/T0r5j4DO/B5fn5c7:LCxTyCxanXgQ/T0VwEz5K
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T12CD45C42DB8810A7DC765B30E1B0B7158B77FAE06AA5CB9F225C7D2D3D507809C253BA
sha3_384: 207fdc4fb78c1f1b1521015e465ef2950e90225c003aff7bdb7fb3aed4abecfd5c5b5cca97f9c3c9f428a3458f301892
ep_bytes: 40534883ec20488bd9e88a050000488b
timestamp: 2100-03-02 06:33:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Client Server Runtime Process
FileVersion: 10.0.17134.1 (WinBuild.160101.0800)
InternalName: CSRSS.Exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: CSRSS.Exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.17134.1
Translation: 0x0409 0x04b0

Zusy.406256 also known as:

Elastic: malicious (high confidence)
DrWeb: Win32.HLLW.Autoruner.547
MicroWorld-eScan: Gen:Variant.Zusy.406256
FireEye: Gen:Variant.Zusy.406256
ALYac: Gen:Variant.Zusy.406256
Cylance: Unsafe
Cybereason: malicious.b533d1
Cyren: W64/Ipamor.CZ.gen!Eldorado
ClamAV: Win.Worm.Vindor-9886047-0
BitDefender: Gen:Variant.Zusy.406256
Avast: Win32:VB-FBX
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: Artemis
Emsisoft: Gen:Variant.Zusy.406256 (B)
Ikarus: Trojan.Dropper
GData: Gen:Variant.Zusy.406256
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!DD75857B533D
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.3696146603
Rising: Worm.VB!1.DA41 (CLASSIC)
Fortinet: W64/Bulz.6330!tr
AVG: Win32:VB-FBX

How to remove Zusy.406256?

Zusy.406256 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
