About “Zusy.406884” infection

Zusy.406884 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What can the Zusy.406884 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Zusy.406884?


File Info:

crc32: 4F79FB25
md5: 0cfe020120080f9d2e262f927e67440f
name: 0CFE020120080F9D2E262F927E67440F.mlw
sha1: bcfab387e3c54958bd932bb544f604e1a58095b8
sha256: 14ae4e36d2d02c199e2aa619ca521409767e37ec08c84620dd96a59c5ec9553d
sha512: 1f1f9cb48f456fdcfa082a4ec98743ff0c90e8af7cb11828e6682d1ecd7e966e092597c160825432811eb4bc32c52bc01bc121bbf0dce3eb19d91192e60be5f4
ssdeep: 12288:CdTGUomEFRu3xEPEoczoA8VnJvjPwpwXOLWwW1CnVyY:C0mOMSPEoWoA8VNjUwXOfWNY
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Zusy.406884 also known as:

Elastic: malicious (high confidence)
ALYac: Trojan.Skipper.Gen.1
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (D)
Cybereason: malicious.7e3c54
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Inject.gen
BitDefender: Gen:Variant.Zusy.406884
MicroWorld-eScan: Gen:Variant.Zusy.406884
Ad-Aware: Gen:Variant.Zusy.406884
Sophos: Generic ML PUA (PUA)
Comodo: Malware@#3kb4vob0fqs9f
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
FireEye: Generic.mg.0cfe020120080f9d
Emsisoft: Gen:Variant.Zusy.406884 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Dropper.Gen
eGambit: Unsafe.AI_Score_99%
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Zusy.D63564
GData: Gen:Variant.Zusy.406884
AhnLab-V3: Trojan/Win.Malware-gen.R450089
Acronis: suspicious
MAX: malware (ai score=88)
VBA32: Malware-Cryptor.Inject.gen
Malwarebytes: Malware.AI.4254034386
Ikarus: Trojan.Win32.Agent
AVG: Win32:Malware-gen

How to remove Zusy.406884?

Zusy.406884 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
