Zusy.413541 (B) (file analysis)

Zusy.413541 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.413541 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Zusy.413541 (B)?

File Info:

name: 8FD5A33694C724328F2D.mlw
path: /opt/CAPEv2/storage/binaries/d619e885f53f000e765f1440c660ac8c12986bfb5e44122d2fcec7bb01e0b1b6
crc32: 86FB1121
md5: 8fd5a33694c724328f2d9d3bbf5d9a9e
sha1: d9daab784cd4c8b8da5765e613380aa3029f8a57
sha256: d619e885f53f000e765f1440c660ac8c12986bfb5e44122d2fcec7bb01e0b1b6
sha512: e49244bae319f88954370de3fa149180475624749e00ea5ca01777dc7b5f199cdf3046d42c87a5ab6f82d88b0654f87b7582f7fc583184f9d8055fc343f2ab30
ssdeep: 12288:Ivc9wUIqfjNftHI9XbAcj/dKZQ0Ejx4I+a:IqwUIqfjNlI9rAcjUqbj2I
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12AE49DCBF99B859FE07135769C4A6AF2715A107348CD8D0600BC0FAC0A966936DA7F37
sha3_384: 3164641e4dfe6b7f290850d3d53a247475c346382ab85dc8854c691e54ec15c4556342394ce013949c1ec4663333b2bf
ep_bytes: f873016d60eb0c368c484d45350ef698
timestamp: 2022-01-21 10:09:09

Version Info:

FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Zusy.413541 (B) also known as:

Bkav: W32.AIDetect.malware1
Lionic: Virus.Win32.Nimnul.lpqo
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.413541
FireEye: Generic.mg.8fd5a33694c72432
McAfee: Flyagent.d
Cylance: Unsafe
Sangfor: Trojan.Win32.MultiPacked.gen
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: Trojan:Win32/Farfli.41b1203a
K7GW: Trojan ( 00539b2c1 )
K7AntiVirus: Trojan ( 0040f54a1 )
Cyren: W32/A-8128ee96!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Packed.Multi.MultiPacked.gen
BitDefender: Gen:Variant.Zusy.413541
NANO-Antivirus: Virus.Win32.Agent.dvixmz
Avast: Win32:Pasta [Cryp]
Tencent: Win32.Packed.Multipacked.Egev
Emsisoft: Gen:Variant.Zusy.413541 (B)
Comodo: TrojWare.Win32.Agent.OSCF@5rs7jr
TrendMicro: TROJ_GEN.R035C0PAV22
McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
Sophos: W32/Pidgeon-A
Jiangmin: Packed.Multi.jzw
Avira: TR/Farfli.vsdfd
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASMalwS.351D071
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Farfli.B!MTB
ZoneAlarm: Packed.Multi.MultiPacked.gen
GData: Win32.Application.PUPStudio.A
Cynet: Malicious (score: 100)
AhnLab-V3: Packed/Win.MultiPacked.R467935
BitDefenderTheta: Gen:NN.ZexaF.34182.Qu0@aus!@Bib
ALYac: Gen:Variant.Zusy.413541
VBA32: Trojan.Sabsik.FL
Malwarebytes: PUP.Optional.ChinAd
TrendMicro-HouseCall: TROJ_GEN.R035C0PAV22
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/CoinMiner.BELF!tr
AVG: Win32:Pasta [Cryp]
Cybereason: malicious.694c72
Panda: Trj/Genetic.gen
MaxSecure: Dropper.Dinwod.frindll

How to remove Zusy.413541 (B)?

Zusy.413541 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
