Should I remove “Zusy.426043”?

The Zusy.426043 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.426043 virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Zusy.426043?


File Info:
name: F64EC9A8FB03A9D6F2EB.mlw
path: /opt/CAPEv2/storage/binaries/40c7efb6446b647afbde38856d1c02c35ed2b01a077ac35fd87778a5c9776a98
crc32: 4A67E6A5
md5: f64ec9a8fb03a9d6f2eb0b27f853864c
sha1: fb48010d42058670122ef292e01fd5a1fa8b33fc
sha256: 40c7efb6446b647afbde38856d1c02c35ed2b01a077ac35fd87778a5c9776a98
sha512: 2f2e76872df1a095e57312c3e1c4eb5d242b91f422b9fef11957b19b2ff4995c0cafa165d7bfdfb6666506154f76a06427b49d6af56bde22e0be8b1cddb914aa
ssdeep: 96:eTaGh+Vnk3czhnGhdGgqVFLG/61x135sS7+PJDk0wM1khIM/Rxo7cQQE12l:eTJ0Vk3czhZGi535kPJDkO1sI22mE1c
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T133724BC3BFED1A35C0154230EB918803A1F6949497BE8363BEDC8AC3ECD31508A79745
sha3_384: 75f5a3cb1a361997e1c74d396b6563f29e40d61521c970cfc5aca4bd1527c099d4c6717ce128661b2b118149bcffcfe2
ep_bytes: 60be007041008dbe00a0feff57eb0b90
timestamp: 2022-02-28 21:11:34

Version Info:
0: [No Data]

Zusy.426043 also known as:

Bkav	W32.AIDetect.malware1
MicroWorld-eScan	Gen:Variant.Zusy.426043
FireEye	Generic.mg.f64ec9a8fb03a9d6
McAfee	GenericRXAA-FA!F64EC9A8FB03
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.d42058
BitDefenderTheta	Gen:NN.ZexaF.34754.bmW@amvK@ph
Cyren	W32/Graftor.GD.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
APEX	Malicious
Kaspersky	VHO:Trojan.Win32.Agent.gen
BitDefender	Gen:Variant.Zusy.426043
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Zusy.426043
Emsisoft	Gen:Variant.Zusy.426043 (B)
Comodo	Packed.Win32.MUPX.Gen@24tbus
VIPRE	Gen:Variant.Zusy.426043
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Zusy.426043
Jiangmin	Trojan.Agent.dyfl
Google	Detected
Avira	TR/Crypt.ULPM.Gen
Arcabit	Trojan.Zusy.D6803B
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4786956
Acronis	suspicious
ALYac	Gen:Variant.Zusy.426043
MAX	malware (ai score=88)
Malwarebytes	Malware.AI.1322870186
Ikarus	Trojan-GameThief.Win32.Nilage
Fortinet	W32/ULPM.2C75!tr
AVG	Win32:Malware-gen

How to remove Zusy.426043?

Zusy.426043 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X