Zusy.420513 removal guide

The Zusy.420513 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.420513 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Attempts to connect to a dead IP:Port (11 unique times)
Network anomalies occured during the analysis.
Starts servers listening on 127.0.179.180:56990, 127.0.179.180:944, 127.0.179.180:5993, 127.0.179.180:1393, 127.0.179.180:933, 127.0.179.180:19922, 127.0.179.180:5560, 127.0.179.180:5561, 127.0.179.180:5562, 127.0.179.180:5563, 127.0.179.180:5564, 127.0.179.180:5565, 127.0.179.180:5566, 127.0.179.180:5567, 127.0.179.180:5568, 127.0.179.180:5569, 127.0.179.180:5570, 127.0.179.180:5571, 127.0.179.180:5572, 127.0.179.180:5573, 127.0.179.180:5574, 127.0.179.180:5575, 127.0.179.180:5576, 127.0.179.180:5577, 127.0.179.180:5578, 127.0.179.180:5579, 127.0.179.180:5580, 127.0.179.180:3840, 127.0.179.180:3841, 127.0.179.180:3842, 127.0.179.180:3843, 127.0.179.180:3844, 127.0.179.180:3845, 127.0.179.180:3846, 127.0.179.180:3847, 127.0.179.180:3848, 127.0.179.180:3849, 127.0.179.180:3850, 127.0.179.180:3851, 127.0.179.180:3852, 127.0.179.180:3853, 127.0.179.180:3854, 127.0.179.180:3855, 127.0.179.180:3856, 127.0.179.180:3857, 127.0.179.180:3858, 127.0.179.180:3859, 127.0.179.180:3860, 127.0.179.180:3861, 127.0.179.180:3862, 127.0.179.180:3863, 127.0.179.180:3864, 127.0.179.180:3865, 127.0.179.180:3866, 127.0.179.180:3867, 127.0.179.180:3868, 127.0.179.180:3869, 127.0.179.180:3870, 127.0.179.180:4710, 127.0.179.180:4711, 127.0.179.180:4712, 127.0.179.180:4713, 127.0.179.180:4714, 127.0.179.180:4715, 127.0.179.180:4716, 127.0.179.180:4717, 127.0.179.180:4718, 127.0.179.180:4719, 127.0.179.180:4720, 127.0.179.180:4721, 127.0.179.180:4722, 127.0.179.180:4723, 127.0.179.180:4724, 127.0.179.180:4725, 127.0.179.180:4726, 127.0.179.180:4727, 127.0.179.180:4728, 127.0.179.180:4729, 127.0.179.180:4730, 127.0.179.180:4731, 127.0.179.180:4732, 127.0.179.180:4733, 127.0.179.180:4734, 127.0.179.180:4735, 127.0.179.180:4736, 127.0.179.180:4737, 127.0.179.180:4738, 127.0.179.180:4739, 127.0.179.180:4740, 127.0.179.180:4741, 127.0.179.180:4742, 127.0.179.180:4743, 127.0.179.180:4744, 127.0.179.180:4745, 127.0.179.180:4746, 127.0.179.180:4747, 127.0.179.180:4748, 127.0.179.180:4749, 127.0.179.180:4750, 127.0.179.180:4751, 127.0.179.180:4752, 127.0.179.180:4753, 127.0.179.180:4754, 127.0.179.180:4755, 127.0.179.180:4756, 127.0.179.180:4757, 127.0.179.180:4758, 127.0.179.180:4759, 127.0.179.180:4760, 127.0.179.180:1400, 127.0.179.180:1500, 127.0.179.180:1600, 127.0.179.180:1700, 127.0.179.180:1800, 127.0.179.180:1900, 127.0.179.180:29520, 127.0.179.180:29521, 127.0.179.180:29522, 127.0.179.180:29523, 127.0.179.180:29524, 127.0.179.180:29525, 127.0.179.180:29526, 127.0.179.180:29527, 127.0.179.180:29528, 127.0.179.180:29529, 127.0.179.180:29530, 127.0.179.180:29531, 127.0.179.180:29532, 127.0.179.180:29533, 127.0.179.180:29534, 127.0.179.180:29535, 127.0.179.180:29536, 127.0.179.180:29537, 127.0.179.180:29538, 127.0.179.180:29539, 127.0.179.180:29540, 127.0.179.180:29541, 127.0.179.180:29542, 127.0.179.180:29543, 127.0.179.180:29544, 127.0.179.180:29545, 127.0.179.180:29546, 127.0.179.180:29547, 127.0.179.180:29548, 127.0.179.180:29549, 127.0.179.180:29550, 127.0.179.180:6001, 127.0.179.180:6002, 127.0.179.180:6003, 127.0.179.180:6004, 127.0.179.180:6005, 127.0.179.180:6006, 127.0.179.180:6007, 127.0.179.180:6008, 127.0.179.180:6009, 127.0.179.180:6010, 127.0.179.180:6011, 127.0.179.180:6012, 127.0.179.180:6013, 127.0.179.180:2321, 127.0.179.180:2322, 127.0.179.180:2323, 127.0.179.180:2324, 127.0.179.180:2325, 127.0.179.180:2326, 127.0.179.180:2327, 127.0.179.180:2328, 127.0.179.180:2329, 127.0.179.180:5910, 127.0.179.180:5920, 127.0.179.180:5930, 127.0.179.180:5940, 127.0.179.180:5950, 127.0.179.180:5960, 127.0.179.180:5970, 127.0.179.180:5980, 127.0.179.180:5990, 127.0.179.180:1613, 127.0.179.180:3715, 127.0.179.180:1612, 127.0.179.180:7985, 127.0.179.180:9191, 127.0.179.180:1989, 127.0.179.180:14100, 127.0.179.180:891, 127.0.179.180:1300, 127.0.179.180:1992, 127.0.179.180:1407, 127.0.179.180:1408, 127.0.179.180:1409, 127.0.179.180:3810, 127.0.179.180:3811, 127.0.179.180:3812, 127.0.179.180:3813, 127.0.179.180:3814, 127.0.179.180:3815, 127.0.179.180:3816, 127.0.179.180:3817, 127.0.179.180:3818, 127.0.179.180:3819, 127.0.179.180:3820, 127.0.179.180:3821, 127.0.179.180:3822, 127.0.179.180:3823, 127.0.179.180:3824, 127.0.179.180:3825, 127.0.179.180:3826, 127.0.179.180:3827, 127.0.179.180:3828, 127.0.179.180:3829, 127.0.179.180:3830, 127.0.179.180:5640, 127.0.179.180:5641, 127.0.179.180:5642, 127.0.179.180:5643, 127.0.179.180:5644, 127.0.179.180:5645, 127.0.179.180:5646, 127.0.179.180:5647, 127.0.179.180:5648, 127.0.179.180:5649, 127.0.179.180:5650, 127.0.179.180:50101, 127.0.179.180:50102, 127.0.179.180:50103, 127.0.179.180:50104, 127.0.179.180:50105, 127.0.179.180:50106, 127.0.179.180:50107, 127.0.179.180:50108, 127.0.179.180:50109, 127.0.179.180:50110, 127.0.179.180:1620, 127.0.179.180:1621, 127.0.179.180:1622, 127.0.179.180:1623, 127.0.179.180:1624, 127.0.179.180:1625, 127.0.179.180:1626, 127.0.179.180:1627, 127.0.179.180:1628, 127.0.179.180:1629, 127.0.179.180:1630, 127.0.179.180:3740, 127.0.179.180:3741, 127.0.179.180:3742, 127.0.179.180:3743, 127.0.179.180:3744, 127.0.179.180:3745, 127.0.179.180:3746, 127.0.179.180:3747, 127.0.179.180:3748, 127.0.179.180:3749, 127.0.179.180:3750, 127.0.179.180:3610, 127.0.179.180:3611, 127.0.179.180:3612, 127.0.179.180:3613, 127.0.179.180:3614, 127.0.179.180:3615, 127.0.179.180:3616, 127.0.179.180:3617, 127.0.179.180:3618, 127.0.179.180:3619, 127.0.179.180:3620, 127.0.179.180:3621, 127.0.179.180:3622, 127.0.179.180:3623, 127.0.179.180:3624, 127.0.179.180:3625, 127.0.179.180:3626, 127.0.179.180:3627, 127.0.179.180:3628, 127.0.179.180:3629, 127.0.179.180:3630, 127.0.179.180:3631, 127.0.179.180:3632, 127.0.179.180:3633, 127.0.179.180:3634, 127.0.179.180:3635, 127.0.179.180:3636, 127.0.179.180:3637, 127.0.179.180:3638, 127.0.179.180:3639, 127.0.179.180:3640, 127.0.179.180:13011, 127.0.179.180:13012, 127.0.179.180:13013, 127.0.179.180:13014, 127.0.179.180:13015, 127.0.179.180:13016, 127.0.179.180:13017, 127.0.179.180:13018, 127.0.179.180:13019, 127.0.179.180:13020, 127.0.179.180:13021, 127.0.179.180:13022, 127.0.179.180:13023, 127.0.179.180:13024, 127.0.179.180:13025, 127.0.179.180:13026, 127.0.179.180:13027, 127.0.179.180:13028, 127.0.179.180:13029, 127.0.179.180:13030, 127.0.179.180:13031, 127.0.179.180:13032, 127.0.179.180:13033, 127.0.179.180:13034, 127.0.179.180:13035, 127.0.179.180:13036, 127.0.179.180:13037, 127.0.179.180:13038, 127.0.179.180:13039, 127.0.179.180:13040, 127.0.179.180:13041, 127.0.179.180:13042, 127.0.179.180:13043, 127.0.179.180:13044, 127.0.179.180:13045, 127.0.179.180:13046, 127.0.179.180:13047, 127.0.179.180:13048, 127.0.179.180:13049, 127.0.179.180:13050, 127.0.179.180:13051, 127.0.179.180:13052, 127.0.179.180:13053, 127.0.179.180:13054, 127.0.179.180:13055, 127.0.179.180:13056, 127.0.179.180:13057, 127.0.179.180:13058, 127.0.179.180:13059, 127.0.179.180:13060, 127.0.179.180:13061, 127.0.179.180:13062, 127.0.179.180:13063, 127.0.179.180:13064, 127.0.179.180:13065, 127.0.179.180:13066, 127.0.179.180:13067, 127.0.179.180:13068, 127.0.179.180:13069, 127.0.179.180:13070, 127.0.179.180:13071, 127.0.179.180:13072, 127.0.179.180:13073, 127.0.179.180:13074, 127.0.179.180:13075, 127.0.179.180:13076, 127.0.179.180:13077, 127.0.179.180:13078, 127.0.179.180:13079, 127.0.179.180:13080, 127.0.179.180:13081, 127.0.179.180:13082, 127.0.179.180:13083, 127.0.179.180:13084, 127.0.179.180:13085, 127.0.179.180:13086, 127.0.179.180:13087, 127.0.179.180:13088, 127.0.179.180:13089, 127.0.179.180:13090, 127.0.179.180:13091, 127.0.179.180:13092, 127.0.179.180:13093, 127.0.179.180:13094, 127.0.179.180:13095, 127.0.179.180:13096, 127.0.179.180:13097, 127.0.179.180:13098, 127.0.179.180:13099, 127.0.179.180:13100, 127.0.179.180:50460, 127.0.179.180:50461, 127.0.179.180:50462, 127.0.179.180:50463, 127.0.179.180:50464, 127.0.179.180:50465, 127.0.179.180:50466, 127.0.179.180:50467, 127.0.179.180:50468, 127.0.179.180:50469, 127.0.179.180:50470, 127.0.179.180:4761, 127.0.179.180:4762, 127.0.179.180:4763, 127.0.179.180:4764, 127.0.179.180:4765, 127.0.179.180:4766, 127.0.179.180:4767, 127.0.179.180:4768, 127.0.179.180:4769, 127.0.179.180:4770, 127.0.179.180:1405, 127.0.179.180:1406, 127.0.179.180:14001, 127.0.179.180:14002, 127.0.179.180:14003, 127.0.179.180:14004, 127.0.179.180:14005, 127.0.179.180:14006, 127.0.179.180:14007, 127.0.179.180:14008, 127.0.179.180:14009, 127.0.179.180:14010, 127.0.179.180:14011, 127.0.179.180:14012, 127.0.179.180:14013, 127.0.179.180:14014, 127.0.179.180:14015, 127.0.179.180:14016, 127.0.179.180:14017, 127.0.179.180:14018, 127.0.179.180:14019, 127.0.179.180:14020, 127.0.179.180:14021, 127.0.179.180:14022, 127.0.179.180:14023, 127.0.179.180:14024, 127.0.179.180:14025, 127.0.179.180:14026, 127.0.179.180:14027, 127.0.179.180:14028, 127.0.179.180:14029, 127.0.179.180:14030, 127.0.179.180:16001, 127.0.179.180:16002, 127.0.179.180:16003, 127.0.179.180:16004, 127.0.179.180:16005, 127.0.179.180:16006, 127.0.179.180:16007, 127.0.179.180:16008, 127.0.179.180:16009, 127.0.179.180:16010, 127.0.179.180:16011, 127.0.179.180:16012, 127.0.179.180:16013, 127.0.179.180:16014, 127.0.179.180:16015, 127.0.179.180:16016, 127.0.179.180:16017, 127.0.179.180:16018, 127.0.179.180:16019, 127.0.179.180:16020, 127.0.179.180:16021, 127.0.179.180:16022, 127.0.179.180:16023, 127.0.179.180:16024, 127.0.179.180:16025, 127.0.179.180:16026, 127.0.179.180:16027, 127.0.179.180:16028, 127.0.179.180:16029, 127.0.179.180:16030, 127.0.179.180:16031, 127.0.179.180:16032, 127.0.179.180:16033, 127.0.179.180:16034, 127.0.179.180:16035, 127.0.179.180:16036, 127.0.179.180:16037, 127.0.179.180:16038, 127.0.179.180:16039, 127.0.179.180:16040, 127.0.179.180:16041, 127.0.179.180:16042, 127.0.179.180:16043, 127.0.179.180:16044, 127.0.179.180:16045, 127.0.179.180:16046, 127.0.179.180:16047, 127.0.179.180:16048, 127.0.179.180:16049, 127.0.179.180:16050, 127.0.179.180:1601, 127.0.179.180:1602, 127.0.179.180:1603, 127.0.179.180:1604, 127.0.179.180:1605, 127.0.179.180:1606, 127.0.179.180:1607, 127.0.179.180:1608, 127.0.179.180:1609, 127.0.179.180:1610, 127.0.179.180:1991, 127.0.179.180:13001, 127.0.179.180:13002, 127.0.179.180:13003, 127.0.179.180:13004, 127.0.179.180:13005, 127.0.179.180:13006, 127.0.179.180:13007, 127.0.179.180:13008, 127.0.179.180:13009, 127.0.179.180:13010, 127.0.179.180:1301, 127.0.179.180:1302, 127.0.179.180:1303, 127.0.179.180:1304, 127.0.179.180:1305, 127.0.179.180:1306, 127.0.179.180:1307, 127.0.179.180:1308, 127.0.179.180:1309, 127.0.179.180:1310, 127.0.179.180:19911, 127.0.179.180:19912, 127.0.179.180:19913, 127.0.179.180:19914, 127.0.179.180:19915, 127.0.179.180:19916, 127.0.179.180:19917, 127.0.179.180:19918, 127.0.179.180:19919, 127.0.179.180:19920
Reads data out of its own binary image
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Zusy.420513?


File Info:
name: 787A5C7B7B15188881CE.mlw
path: /opt/CAPEv2/storage/binaries/4b69462f5efdba095535e294a89fd48ef4aaefa1e1cb9d2ee17b38a8f924774e
crc32: 1CF0BC90
md5: 787a5c7b7b15188881ce0dd5207c0492
sha1: c5261aac13592f210b8b0e25412ec414bea9a36b
sha256: 4b69462f5efdba095535e294a89fd48ef4aaefa1e1cb9d2ee17b38a8f924774e
sha512: 0218ade1a03699fc5391b61066caac7ddafcbdba222fecf20b451be4c223e0d701359dd3ce9c5bee45691a8e4807747c6e2842709a0192c88b501a1c77a485ed
ssdeep: 196608:iG0Cnv7TReOp/b76C678JbY9z/2wu1sBqsEs44Ob/4UZU0F38XaIrOkqhgpo8kS:D4C7x6AJU9DI7s5e/FsKIrO5hg6i
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10DC6E101E751C27BF9A310B6C9BE572E54BC9B31170594C3E3D42E6D4A726F22A3A393
sha3_384: 5e7c0f9a4a4fe5ee0a5b499d61bcd8ae9542d5400c049869d24d5a54fcbea00bdf2e5df60e83760b11596cfe7510205a
ep_bytes: e8f3f30000e979feffff8bff558bec53
timestamp: 2021-10-13 02:36:14

Version Info:
0: [No Data]

Zusy.420513 also known as:

Bkav	W32.AIDetect.malware2
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Zusy.420513
FireEye	Generic.mg.787a5c7b7b151888
BitDefender	Gen:Variant.Zusy.420513
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
Avast	Win32:TrojanX-gen [Trj]
Rising	Trojan.Generic@AI.99 (RDMK:cmRtazpSUYnHEYiCYX+47Bs/tW1r)
Ad-Aware	Gen:Variant.Zusy.420513
Emsisoft	Gen:Variant.Zusy.420513 (B)
GData	Gen:Variant.Zusy.420513
Avira	HEUR/AGEN.1242865
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.Generic.R474017
VBA32	BScope.TrojanDropper.Dapato
ALYac	Gen:Variant.Zusy.420513
MAX	malware (ai score=84)
AVG	Win32:TrojanX-gen [Trj]

How to remove Zusy.420513?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Gridinsoft Anti-Malware

How to determine Zusy.420513?

File Info:

Version Info:

Zusy.420513 also known as:

How to remove Zusy.420513?

About the author

Paul Valéry

Leave a Comment X

Gridinsoft Anti-Malware

How to determine Zusy.420513?

File Info:

Version Info:

Zusy.420513 also known as:

How to remove Zusy.420513?

You may also like

About the author

Paul Valéry

Leave a Comment X