Zusy.418986 removal

Zusy.418986 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.418986 virus do?

  • YARA rule detections observed in a process memory dump, dropped files, or CAPE output
  • Reads data out of its own binary image
  • Authenticode signature is invalid

How to identify Zusy.418986?

File Info:

name: F24F76C3D695386CFE50.mlw
path: /opt/CAPEv2/storage/binaries/b4523d474230cc0bb432ffeb3f457733ed2eed989f31519b7e61fb3f5b72b7b9
crc32: AB7FEA06
md5: f24f76c3d695386cfe5008eda02c7016
sha1: 27e82732ba7926d329c8042e94bd12cd9cbe1ba1
sha256: b4523d474230cc0bb432ffeb3f457733ed2eed989f31519b7e61fb3f5b72b7b9
sha512: 8275af74464343d7ae4fa6fd231153405bb10e8a4d90dfb6a88ab4c436b1c06db7123517c913aff3097f0c366baa3d9546216cdd82315da0df00df575cea6b84
ssdeep: 3072:dglilKqmhpo0Sb9OpxRrtdHiQj2Q9+7WHJnLXwULUIeRaLQVTMZJnJ:x9oLRrtNaQ9ISUPfVMZJn
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1A8846C317B60C6B7E452173584AB9F25377ABE304B3366C377C4291E1DA13D8AE32A52
sha3_384: 8db239845b23473686b590aa2d802fca3cfa0bd6f43e1d3b28e73c39718d7ff69af20189ee64f4111f384856080f7871
ep_bytes: 6a006a016a00e869ba000085c075086a
timestamp: 2022-03-27 14:08:54

Version Info:

CompanyName: icofx software srl
FileDescription: icofx - The Professional Icon Editor
FileVersion: 3.7.1.0
InternalName: icofx
LegalCopyright: Copyright (C) 2005 - 2022 icofx software srl
LegalTrademarks: icofx
OriginalFilename: icofx3.exe
ProductName: icofx
ProductVersion: 3.7.1
Comments: Professional Icon Editor
ProgramID: com.embarcadero.icofx3
ThinAppBuildDateTime: 20220327 164849
ThinAppLicense: DrZero
ThinAppVersion: 2111.0.0-18970417
Translation: 0x0409 0x04e4

Zusy.418986 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Zusy.418986
FireEye: Generic.mg.f24f76c3d695386c
ALYac: Gen:Variant.Zusy.418986
Cylance: Unsafe
Zillya: Trojan.Inject.Win32.318291
Sangfor: Trojan.Win32.Agent.Vbxz
Cyren: W32/S-1d5a7cc5!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
TrendMicro-HouseCall: TROJ_GEN.R002H09CV22
BitDefender: Gen:Variant.Zusy.418986
Ad-Aware: Gen:Variant.Zusy.418986
Emsisoft: Gen:Variant.Zusy.418986 (B)
VIPRE: Gen:Variant.Zusy.418986
McAfee-GW-Edition: BehavesLike.Win32.Rootkit.ft
SentinelOne: Static AI – Suspicious PE
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
APEX: Malicious
GData: Gen:Variant.Zusy.418986
Arcabit: Trojan.Zusy.D664AA
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
McAfee: Artemis!F24F76C3D695
MAX: malware (ai score=83)
VBA32: Trojan.Bsymem
Ikarus: Virus.Win32.Jeefo
MaxSecure: Trojan.Malware.185605011.susgen
Fortinet: W32/PossibleThreat
Panda: Trj/Chgt.AD

How to remove Zusy.418986?

Zusy.418986 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.