
About “Zusy.408464” infection

Malware Removal

Zusy.408464 is the BitDefender family name (Gen:Variant.Zusy.408464) for a trojan sample that most of the engines in the detection list below flag as malicious. While the infection is active, you may notice unfamiliar processes in the Task Manager list. If so, it is advisable to scan your computer with GridinSoft Anti-Malware.


Removing malware by hand can take hours and may damage the system in the process. We recommend GridinSoft Anti-Malware for removal; the trial version lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can Zusy.408464 do?

These are the CAPE sandbox signatures that fired on the sample described in File Info below, with a note on what each one indicates:

  • Behavioural detection: executable code extraction (unpacking): the process wrote out and ran code that is not present in the file on disk.
  • YARA rule detections observed from a process memory dump, dropped files or CAPE-extracted content.
  • Creates RWX memory: allocates pages that are writable and executable at the same time, the usual home for an unpacked payload.
  • Dynamic (imported) function loading detected: resolves APIs at run time rather than through the import table, which keeps them out of static import listings.
  • Enumerates running processes.
  • Expresses interest in specific running processes: typical of injection targeting or of checks for analysis tools.
  • CAPE extracted potentially suspicious content: a payload was recovered from memory during the run.
  • The binary contains an unknown PE section name, indicative of packing.
  • The binary likely contains encrypted or compressed data (high-entropy sections).
  • Authenticode signature is invalid: the vendor attribution in the version resource is not backed by a valid code signature.
  • Creates a copy of itself, commonly for persistence or to run from a staging path.

How to identify Zusy.408464?

File Info:

name: 81D022262553A9A140EF.mlw
path: /opt/CAPEv2/storage/binaries/2df9d61a8eb42034d43b7b29e11750aac80539343d0af388a4ad6326fc3883f0
crc32: 584A7BF7
md5: 81d022262553a9a140ef294e712c7efb
sha1: b7341105b0363a4f8cf176b64d01c734424bf024
sha256: 2df9d61a8eb42034d43b7b29e11750aac80539343d0af388a4ad6326fc3883f0
sha512: 8d7808ea705d4deeb429e62a13e7803be6148f4ec3ff50f794bd8a200e92f48207779240d1e8e1655bd366b19f96681bd0e1a370b1393cf0d259cd704b4c99b3
ssdeep: 6144:AgdvhHUdviVXdvadvquRDdvYu2OdvcWkrdvop1dvc42FFTK+NUS5lha9revs8xsA:/vUcVXQQuRDCu74GvwRPWrYx3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C4E439196038C02BE6B27F7EAE3744D64C6A4D94436C35DFA1A4ADC78DF4AC2A73450E
sha3_384: 88786bd4b892de233c23894e7543edf8846a1ea23ded5f9d1c3d7d406bff933653aa1ad507cc3a04bb98a30a57f6d398
ep_bytes: 558bec6aff68a8c8460068e2a2460064 (push ebp; mov ebp,esp; push -1; push 0x46c8a8; push 0x46a2e2; fs: ..., a standard MSVC SEH prologue)
timestamp: 2021-11-26 02:06:10 (PE compile timestamp, set by the builder and not trustworthy on its own)

Version Info (taken from the binary's own version resource; because the Authenticode signature is invalid, the LSoft Technologies attribution below is unverified):

FileDescription: initFlash Application
FileVersion: 1.2.6.0
InternalName: initFlash.exe
LegalCopyright: Copyright (C) 1998-2017 LSoft Technologies
OriginalFilename: initFlash.exe
ProductName: initFlas Application
ProductVersion: 1.2.6.0
Translation: 0x0409 0x04b0

Detection names for this sample, by vendor:

  • Bkav: W32.AIDetect.malware1
  • Lionic: Trojan.Win32.Staser.4!c
  • Elastic: malicious (high confidence)
  • Cynet: Malicious (score: 100)
  • FireEye: Generic.mg.81d022262553a9a1
  • McAfee: GenericRXAA-AA!81D022262553
  • Cylance: Unsafe
  • Sangfor: Trojan.Win32.Save.a
  • K7AntiVirus: Trojan ( 005690671 )
  • Alibaba: Trojan:Win32/Staser.e07b1a53
  • K7GW: Trojan ( 005690671 )
  • CrowdStrike: win/malicious_confidence_80% (W)
  • Arcabit: Trojan.Zusy.D63B90
  • BitDefenderTheta: Gen:NN.ZexaF.34114.Oy0@aetCmPpi
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Win32/Kryptik.HATU
  • TrendMicro-HouseCall: TROJ_GEN.R002C0PKT21
  • Paloalto: generic.ml
  • Kaspersky: HEUR:Trojan.Win32.Staser.gen
  • BitDefender: Gen:Variant.Zusy.408464
  • NANO-Antivirus: Virus.Win32.Gen.ccmw
  • MicroWorld-eScan: Gen:Variant.Zusy.408464
  • Avast: Win32:TrojanX-gen [Trj]
  • Tencent: Win32.Trojan.Zusy.Eawu
  • Ad-Aware: Gen:Variant.Zusy.408464
  • Emsisoft: Gen:Variant.Zusy.408464 (B)
  • TrendMicro: TROJ_GEN.R002C0PKT21
  • McAfee-GW-Edition: BehavesLike.Win32.Injector.jh
  • Sophos: Mal/Generic-S
  • Ikarus: Trojan.Win32.Crypt
  • Jiangmin: Trojan.Staser.kmi
  • Avira: HEUR/AGEN.1142521
  • MAX: malware (ai score=80)
  • Antiy-AVL: Trojan/Generic.ASMalwS.34DF1E8
  • Gridinsoft: Ransom.Win32.Sabsik.sa
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • GData: Win32.Trojan.PSE.13M60MZ
  • AhnLab-V3: Trojan/Win.OR.R453644
  • VBA32: Trojan.Staser
  • ALYac: Gen:Variant.Zusy.408464
  • Malwarebytes: Adware.Agent.SFP.Generic
  • APEX: Malicious
  • Rising: Trojan.Kryptik!1.AA55 (CLASSIC)
  • Yandex: Trojan.Staser!Y4Ksent1erM
  • SentinelOne: Static AI – Malicious PE
  • Fortinet: W32/Kryptik.HATU!tr
  • AVG: Win32:TrojanX-gen [Trj]
  • Panda: Trj/GdSda.A

How to remove Zusy.408464?

Zusy.408464 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
