Zusy.436656 malicious file

Zusy.436656 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.436656 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • CAPE detected the RaccoonV2 malware family
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Zusy.436656?

File Info:

name: 8272BF4D1AFE03FC4C59.mlw
path: /opt/CAPEv2/storage/binaries/a29abecaf912459ea1db434f75e96f87c3c26746c1a4a842fcc44f7863d1becc
crc32: E03104D4
md5: 8272bf4d1afe03fc4c595c6c81545cfd
sha1: 1899c81a09c4f89b4a28fbd1074628d0d0a57348
sha256: a29abecaf912459ea1db434f75e96f87c3c26746c1a4a842fcc44f7863d1becc
sha512: 7cb8970c51be7e41b166142ed995ef73243ab91edb213d4d57dd2ca21cf5850334bf1f05fa2876e8c6a06f73a9bcab3f1412dd1320c3ddf14cdcc8b205b5fb77
ssdeep: 24576:V7DtlSDAlZvEFZhbS7buPPcedeHP5XLnfeNw0Kxk6bvmwiiw9zVZprY8fWg5r11T:hOKVizL3cvt220Kxk6bOwgVVZBYu5r1l
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E8552B2061125139F96704F28EBE5A6CD2ACA9A0174564C3E3CC5D5E8EF68F3763363B
sha3_384: 259797f87468dd6dca541a9e07409016e209c3981a284123263046581788b0f2429cc5ec70264a2094a43a818fef536f
ep_bytes: 558bec6aff68e866510068e08c4d0064
timestamp: 2021-06-17 17:38:56

Version Info:

FileVersion: 3.6.4.0
FileDescription: SmartBrowser GUI
LegalCopyright: © 2004
ProductName: SmartBrowser GUI
Translation: 0x0412 0x04b0

Zusy.436656 also known as (vendor: detection name):

Lionic: Trojan.Win32.Stealer.12!c
MicroWorld-eScan: Gen:Variant.Zusy.436656
FireEye: Gen:Variant.Zusy.436656
ALYac: Gen:Variant.Zusy.436656
Malwarebytes: Spyware.RedLineStealer
VIPRE: Gen:Variant.Zusy.436656
Sangfor: Infostealer.Win32.Agent.Vr60
K7AntiVirus: Password-Stealer ( 005934bd1 )
Alibaba: TrojanSpy:Win32/Stealer.3b7c3231
K7GW: Password-Stealer ( 005934bd1 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/ABRisk.OIAS-6051
Elastic: malicious (high confidence)
ESET-NOD32: Win32/PSW.Agent.OOQ
APEX: Malicious
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender: Gen:Variant.Zusy.436656
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-Spy.Stealer.Eflw
Emsisoft: Gen:Variant.Zusy.436656 (B)
F-Secure: Trojan.TR/PSW.Agent.zrguf
Zillya: Trojan.Agent.Win32.2989935
TrendMicro: TROJ_GEN.R06EC0PBH23
McAfee-GW-Edition: GenericRXUB-SU!8272BF4D1AFE
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
GData: Gen:Variant.Zusy.436656
Jiangmin: TrojanSpy.Stealer.achy
Webroot: W32.Trojan.Gen
Avira: TR/PSW.Agent.zrguf
Antiy-AVL: Trojan/Win32.GenKryptik
Xcitium: Malware@#240p7ijd07h4p
Arcabit: Trojan.Zusy.D6A9B0
ZoneAlarm: HEUR:Trojan-Spy.Win32.Stealer.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5232119
McAfee: GenericRXUB-SU!8272BF4D1AFE
MAX: malware (ai score=100)
VBA32: TrojanPSW.RedLine
Cylance: unsafe
Panda: Trj/Chgt.AA
TrendMicro-HouseCall: TROJ_GEN.R06EC0PBH23
Rising: Trojan.Generic@AI.87 (RDML:LSimxta+UFf1QojXtVLYxg)
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.OOQ!tr.pws
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Zusy.436656?

Zusy.436656 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.